gm-crypto

A pure JavaScript implementation of GM/T series cryptographic algorithms for Node.js and browsers, with type declaration files support.

• GM/T0003-2012《SM2 public key cryptographic algorithm based on elliptic curves》
• GM/T0004-2012《SM3 cryptographic hash algorithm》
• GM/T0002-2012《SM4 block cipher algorithm》(also aliased as SMS4)

Quick Start

Install

Using npm:

$ npm install gm-crypto

Using yarn:

$ yarn add gm-crypto

Basic Usage

SM2

Public Key Cryptographic Algorithm Based on Elliptic Curves.

const { SM2 } = require('gm-crypto')

const { publicKey, privateKey } = SM2.generateKeyPair()
const originalData = 'SM2 椭圆曲线公钥密码算法'

const encryptedData = SM2.encrypt(originalData, publicKey, {
  inputEncoding: 'utf8',
  outputEncoding: 'base64'
})

const decryptedData = SM2.decrypt(encryptedData, privateKey, {
  inputEncoding: 'base64',
  outputEncoding: 'utf8'
})

SM3

Cryptographic Hash Algorithm.

const { SM3 } = require('gm-crypto')

console.log(SM3.digest('abc'))
console.log(SM3.digest('YWJj', 'base64'))
console.log(SM3.digest('616263', 'hex', 'base64'))

SM4

Block Cipher Algorithm.

const { SM4 } = require('gm-crypto')

const key = '0123456789abcdeffedcba9876543210' // Any string of 32 hexadecimal digits
const originalData = 'SM4 国标对称加密'

/**
 * Block cipher modes:
 * - ECB: electronic codebook
 * - CBC: cipher block chaining
 */

let encryptedData, decryptedData

// ECB
encryptedData = SM4.encrypt(originalData, key, {
  inputEncoding: 'utf8',
  outputEncoding: 'base64'
})
decryptedData = SM4.decrypt(encryptedData, key, {
  inputEncoding: 'base64',
  outputEncoding: 'utf8'
})

// CBC
const iv = '0123456789abcdeffedcba9876543210' // Initialization vector(any string of 32 hexadecimal digits)
encryptedData = SM4.encrypt(originalData, key, {
  iv,
  mode: SM2.constants.CBC,
  inputEncoding: 'utf8',
  outputEncoding: 'hex'
})
decryptedData = SM4.decrypt(encryptedData, key, {
  iv,
  mode: SM2.constants.CBC,
  inputEncoding: 'hex',
  outputEncoding: 'utf8'
})

API

• SM2

  • .generateKeyPair() ⇒ object
  • .encrypt(data, key[, options] ⇒ string | ArrayBuffer
  • .decrypt(data, key[, options]) ⇒ string | ArrayBuffer

• SM3

  • .digest(data[, inputEncoding][, outputEncoding]) ⇒ string | ArrayBuffer

• SM4

  • .encrypt(data, key[, options]) ⇒ string | ArrayBuffer
  • .decrypt(data, key[, options]) ⇒ string | ArrayBuffer

SM2.generateKeyPair()

Generates a new asymmetric key pair.

SM2.encrypt(data, key[, options])

Encrypt data.

Param	Type	Default	Description
data	string|ArrayBuffer|Buffer		Plain message
key	string		Public key generated by SM2.generateKeyPair()
options	object		Options
options.mode	C1C3C2 | C1C2C3	C1C3C2	Concatenation mode
options.inputEncoding	string	"utf8"	The encoding of the plain data string,if data is not a string then inputEncoding is ignored.
options.outputEncoding	string		If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned.
options.pc	boolean	false	Includes PC mark as first byte

SM2.decrypt(data, key[, options])

Decrypt data.

Param	Type	Default	Description
data	string|ArrayBuffer|Buffer		Ciphered data
key	string		Private key generated by SM2.generateKeyPair()
options.mode	C1C3C2 | C1C2C3	C1C3C2	Concatenation mode
options.inputEncoding	string		The encoding of the plain data string,if data is not a string then inputEncoding is ignored.
options.outputEncoding	string		If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned.
options.pc	boolean	false	Includes PC mark as first byte

SM3.digest(data, [inputEncoding], [outputEncoding])

Calculates the digest.

Param	Type	Default	Description
data	string|ArrayBuffer|Buffer		Data message
inputEncoding	string	"utf8"	The encoding of the data string, if data is not a string then inputEncoding is ignored.
outputEncoding	string		If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned.

SM4.encrypt(data, key[, options])

Encrypt data.

Param	Type	Default	Description
data	string|ArrayBuffer|Buffer		Plain message
padding	string		'pkcs7' or 'zero'
key	string		Cipher key(any string of 32 hexadecimal digits)
options	object		Options
options.mode	ECB | CBC	ECB	Block cipher mode
options.iv	string		Initialization vector(any string of 32 hexadecimal digits)
options.inputEncoding	string	"utf8"	The encoding of the plain data string,if data is not a string then inputEncoding is ignored.
options.outputEncoding	string		If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned.

SM4.decrypt(data, key[, options])

Decrypt data.

Param	Type	Default	Description
data	string|ArrayBuffer|Buffer		Ciphered data
padding	string		'pkcs7' or 'zero'
key	string		Cipher key(any string of 32 hexadecimal digits)
options	object		Options
options.mode	ECB | CBC	ECB	Block cipher mode
options.iv	string		Initialization vector(any string of 32 hexadecimal digits)
options.inputEncoding	string		The encoding of the plain data string,if data is not a string then inputEncoding is ignored.
options.outputEncoding	string		If outputEncoding is provided, a string will be returned, otherwise a ArrayBuffer is returned.