sm2js is a pure Javascript implementation of the GM-Standards SM2 (also support sm3/sm4) based on jsrsasign.
基于jsrsasign实现的优势在于充分利用jsrsasign的PKIX,CSR,CERT,PKCS8等处理能力。您也可以参考另外一个实现:sjcl-sm。
- sign/verify functions (Passed integration test with ALI KMS)
- sm2Sign/sm2Verify functions (include uid and curve related parameters in signature)
- encrypt/decrypt functions (Passed integration test with ALI KMS), support both PLAIN and ASN.1 encoding format ciphertext output
- SM2 certificate signing request generation and parse
- SM2 certificate parse and verify signature, test CA & certificate are generated from https://www.gmcert.org/
- Parse SM2 private key in PKCS8 format (both encrypted and plaintext).
For usage, please reference sm2_test.js
SM3使用比较简单,请参考cryptojs_sm3_test.js。单独的SM3实现,可以参考gmsm-sm3js。
jsrsasign 内嵌了crypto-js的剪裁版本,只支持默认的CBC模式和PKCS7填充模式(本实现为了测试,添加了ECB模式和无填充填充模式)。本SM4实现同时实现了sjcl所需方法,所以可以和sjcl支持的加密模式一起使用。具体使用方法,请参考cryptojs_sm4_test.js。当然,把本SM4实现和独立的crypto-js结合使用也是可以的。
在NodeJS环境下,修改过的KJUR.crypto.Cipher.encrypt和KJUR.crypto.Cipher.decrypt会优先使用NodeJS Native实现,这两个方法目前只支持以下模式:
- aes128-CBC
- aes256-CBC
- des-EDE3-CBC
- sm4-CBC