Giter VIP home page Giter VIP logo

knitmesh / gmssl Goto Github PK

View Code? Open in Web Editor NEW
68.0 1.0 41.0 6.07 MB

GmSSL is a python implementation of an open source encryption package which supports SM2 SM3 SM4 and other state secret national commercial password algorithms and the project adopts the BSD open source license which is friendly to commercial applications which is open source and can be used for closed source commercial applications

Python 5.26% HTML 2.39% JavaScript 92.35%

gmssl's Introduction

GMSSL python 2.7.14

GmSSL是一个开源的加密包的python实现,支持SM2/SM3/SM4等国密(国家商用密码)算法、项目采用对商业应用友好的类BSD开源许可证,开源且可以用于闭源的商业应用。

安装

pip install gmssl

SM2算法

RSA算法的危机在于其存在亚指数算法,对ECC算法而言一般没有亚指数攻击算法 SM2椭圆曲线公钥密码算法:我国自主知识产权的商用密码算法,是ECC(Elliptic Curve Cryptosystem)算法的一种,基于椭圆曲线离散对数问题,计算复杂度是指数级,求解难度较大,同等安全程度要求下,椭圆曲线密码较其他公钥算法所需密钥长度小很多。

gmssl是包含国密SM2算法的Python实现, 提供了 encryptdecrypt等函数用于加密解密, 用法如下:

1. 初始化CryptSM2

import base64
import binascii
from gmssl import sm2, func
#16进制的公钥和私钥
private_key = '00B9AB0B828FF68872F21A837FC303668428DEA11DCD1B24429D0C99E24EED83D5'
public_key = 'B9C9A6E04E9C91F7BA880429273747D7EF5DDEB0BB2FF6317EB00BEF331A83081A6994B8993F3F5D6EADDDB81872266C87C018FB4162F5AF347B483E24620207'
sm2_crypt = sm2.CryptSM2(
    public_key=public_key, private_key=private_key)

2. encryptdecrypt

#数据和加密后数据为bytes类型
data = "111"
enc_data = sm2_crypt.encrypt(data)
dec_data =sm2_crypt.decrypt(enc_data)
assert dec_data == data

3. signverify

data = "111" # bytes类型
random_hex_str = func.random_hex(sm2_crypt.para_len)
sign = sm2_crypt.sign(data, random_hex_str) #  16进制
assert sm2_crypt.verify(sign, data) #  16进制

SM4算法

国密SM4(无线局域网SMS4)算法, 一个分组算法, 分组长度为128bit, 密钥长度为128bit, 算法具体内容参照SM4算法

gmssl是包含国密SM4算法的Python实现, 提供了 encrypt_ecbdecrypt_ecbencrypt_cbcdecrypt_cbc等函数用于加密解密, 用法如下:

1. 初始化CryptSM4

from gmssl.sm4 import CryptSM4, SM4_ENCRYPT, SM4_DECRYPT

key = '3l5butlj26hvv313'
value = '111' #  bytes类型
iv = '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' #  bytes类型
crypt_sm4 = CryptSM4()

2. encrypt_ecbdecrypt_ecb

crypt_sm4.set_key(key, SM4_ENCRYPT)
encrypt_value = crypt_sm4.crypt_ecb(value) #  bytes类型
crypt_sm4.set_key(key, SM4_DECRYPT)
decrypt_value = crypt_sm4.crypt_ecb(encrypt_value) #  bytes类型
assert value == decrypt_value

3. encrypt_cbcdecrypt_cbc

crypt_sm4.set_key(key, SM4_ENCRYPT)
encrypt_value = crypt_sm4.crypt_cbc(iv , value) #  bytes类型
crypt_sm4.set_key(key, SM4_DECRYPT)
decrypt_value = crypt_sm4.crypt_cbc(iv , encrypt_value) #  bytes类型
assert value == decrypt_value

gmssl's People

Contributors

knitmesh avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar

Forkers

mitibiki fffff0001 catgooddog wpstarnice huanghf noraacy7 xiaoxiaoluo1 haoht nine1314 sealkingking hongruixing 1449312219 hb0902 dongzhenh wangjiexun r4b3rt karmavpn goodready realguan xssdhr scc-itcast lchang1977

gmssl's Issues

Installation fails due to conflicting pbr version

Hi, users are unable to run servos-framework due to dependency conflict with pbr package. As shown in the following full dependency graph of servos-framework, servos-framework requires pbr >=1.8,while jsonpath-rw-ext requires pbr >=1.4,<2.0.

According to pip’s “first found wins” installation strategy, pbr 5.4.4 is the actually installed version. However, pbr 5.4.4 does not satisfy >=1.4,<2.0.

Dependency tree-----------

servos-framework - 0.0.1.dev6
| +- pbr(install version:5.4.4 version range:>=1.8)
| +- i18n(install version:0.2 version range:==0.2)
| | +- babel(install version:2.7.0 version range:*)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- py(install version:1.8.0 version range:*)
| +- oslo.messaging(install version:5.10.0 version range:==5.10.0)
| | +- amqp(install version:1.4.9 version range:<2.0,>=1.4.0)
| | +- kombu(install version:4.6.7 version range:>=3.0.25)
| | | +- amqp(install version:2.5.2 version range:<2.6,>=2.5.2)
| | +- pika(install version:1.1.0 version range:>=0.10.0)
| | +- pika-pool(install version:0.1.3 version range:>=0.1.3)
| | | +- pika(install version:0.10.0 version range:<0.11,>=0.9)
| +- pylibmc(install version:1.5.1 version range:==1.5.1)
| +- babel(install version:2.7.0 version range:>=2.3)
| | +- pytz(install version:2019.3 version range:>=0a)
| +- oslo.service(install version:1.16.0 version range:==1.16.0)
| +- jsonpath-rw-ext(install version:1.0.0 version range:==1.0.0)
| | +- babel(install version:2.7.0 version range:>=1.3)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- jsonpath-rw(install version:1.4.0 version range:>=1.2.0)
| | +- pbr(install version:1.10.0 version range:>=1.4,<2.0)
| +- six(install version:1.13.0 version range:>=1.9.0)

Thanks for your help.
Best,
Neolith

SM4加密长度为16倍数的数据也强制填充了

`padding = lambda data, block=16: data + [(16 - len(data) % block)for _ in range(16 - len(data) % block)]

def crypt_ecb(self, input_data):
    # SM4-ECB block encryption/decryption
    input_data = bytes_to_list(input_data)
    if self.mode == SM4_ENCRYPT:
        input_data = padding(input_data)
    length = len(input_data)
    i = 0
    output_data = []
    while length > 0:
        output_data += self.one_round(self.sk, input_data[i:i+16])
        i += 16
        length -= 16
    if self.mode == SM4_DECRYPT:
        return list_to_bytes(unpadding(output_data))
    return list_to_bytes(output_data)`

SM4算法如果输入数据长度如果不是16倍数,应该报错,而不是执行填充吧。
SM4是否不支持填充的?

另外,这里的数据长度如果是16的倍数,现在情况是填充了16个0x10。此种情况是否不应该填充?

javascript sm2加密后解密失败

为什么我用自己生成的公钥私钥sm2加密后解密失败,只能用你提供的方法生成的公私钥才可以加密解密。
公钥: 04a564482207852921aab0397b3251eb3b30f82ef94dc14e9b8050e09e5387d34e0959c024f66caac10eecf3fbaeec8bfa99fe31a2e8ae1478ddf02d53d1628b
私钥:
e17412af52f0a0ce72b45ea4bba0064953ee48386edde2a1b881d35ef7189193

我用别的平台用我的公私钥可以sm2加解密的。我对比下,发现和你用的标准曲线方程参数一样默认sm2的。id也一样1234567812345678.唯一不同你曲线方程有h我的没有

Installation fails due to conflicting pika version

Hi, users are unable to run servos-framework due to dependency conflict with pika package. As shown in the following full dependency graph of servos-framework, oslo.messaging requires pika >=0.10.0,while pika-pool requires pika <0.11,>=0.9.

According to pip’s “first found wins” installation strategy, pika 1.1.0 is the actually installed version. However, pika 1.1.0 does not satisfy <0.11,>=0.9.

Dependency tree-----------

servos-framework - 0.0.1.dev6
| +- pbr(install version:5.4.4 version range:>=1.8)
| +- i18n(install version:0.2 version range:==0.2)
| | +- babel(install version:2.7.0 version range:*)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- py(install version:1.8.0 version range:*)
| +- oslo.messaging(install version:5.10.0 version range:==5.10.0)
| | +- amqp(install version:1.4.9 version range:<2.0,>=1.4.0)
| | +- kombu(install version:4.6.7 version range:>=3.0.25)
| | | +- amqp(install version:2.5.2 version range:<2.6,>=2.5.2)
| | +- pika(install version:1.1.0 version range:>=0.10.0)
| | +- pika-pool(install version:0.1.3 version range:>=0.1.3)
| | | +- pika(install version:0.10.0 version range:<0.11,>=0.9)
| +- pylibmc(install version:1.5.1 version range:==1.5.1)
| +- babel(install version:2.7.0 version range:>=2.3)
| | +- pytz(install version:2019.3 version range:>=0a)
| +- oslo.service(install version:1.16.0 version range:==1.16.0)
| +- jsonpath-rw-ext(install version:1.0.0 version range:==1.0.0)
| | +- babel(install version:2.7.0 version range:>=1.3)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- jsonpath-rw(install version:1.4.0 version range:>=1.2.0)
| | +- pbr(install version:1.10.0 version range:>=1.4,<2.0)
| +- six(install version:1.13.0 version range:>=1.9.0)

Thanks for your help.
Best,
Neolith

加密不同的文件格式

你好,这个库能够对只能对txt文件进行加密嘛? 我测试中只能对txt文件进行加密

Installation fails due to conflicting amqp version

Hi, users are unable to run servos-framework due to dependency conflict with amqp package. As shown in the following full dependency graph of servos-framework, oslo.messaging requires amqp <2.0,>=1.4.0,while kombu requires amqp <2.6,>=2.5.2.

According to pip’s “first found wins” installation strategy, amqp 1.4.9 is the actually installed version. However, amqp 1.4.9 does not satisfy <2.6,>=2.5.2.

Dependency tree-----------

servos-framework - 0.0.1.dev6
| +- pbr(install version:5.4.4 version range:>=1.8)
| +- i18n(install version:0.2 version range:==0.2)
| | +- babel(install version:2.7.0 version range:*)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- py(install version:1.8.0 version range:*)
| +- oslo.messaging(install version:5.10.0 version range:==5.10.0)
| | +- amqp(install version:1.4.9 version range:<2.0,>=1.4.0)
| | +- kombu(install version:4.6.7 version range:>=3.0.25)
| | | +- amqp(install version:2.5.2 version range:<2.6,>=2.5.2)
| | +- pika(install version:1.1.0 version range:>=0.10.0)
| | +- pika-pool(install version:0.1.3 version range:>=0.1.3)
| | | +- pika(install version:0.10.0 version range:<0.11,>=0.9)
| +- pylibmc(install version:1.5.1 version range:==1.5.1)
| +- babel(install version:2.7.0 version range:>=2.3)
| | +- pytz(install version:2019.3 version range:>=0a)
| +- oslo.service(install version:1.16.0 version range:==1.16.0)
| +- jsonpath-rw-ext(install version:1.0.0 version range:==1.0.0)
| | +- babel(install version:2.7.0 version range:>=1.3)
| | | +- pytz(install version:2019.3 version range:>=0a)
| | +- jsonpath-rw(install version:1.4.0 version range:>=1.2.0)
| | +- pbr(install version:1.10.0 version range:>=1.4,<2.0)
| +- six(install version:1.13.0 version range:>=1.9.0)

Thanks for your help.
Best,
Neolith

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.