- SM2 - An SM2 (sm2p256v1) implementation whose performance is similar to golang native NIST P256 on amd64 and arm64; for implementation details, please refer to SM2实现细节 (SM2 implementation details). It supports the ShangMi SM2 digital signature, public key encryption and key exchange algorithms.
- SM3 - An SM3 implementation whose performance is similar to golang native SHA-256 with SIMD on amd64 and arm64; for implementation details, please refer to SM3性能优化 (SM3 performance optimization). It also provides an SM3 implementation using A64 cryptographic instructions, tested with QEMU.
- SM4 - The SM4 implementation uses SIMD & AES-NI on amd64 and arm64; for details, please refer to SM4性能优化 (SM4 performance optimization). It supports ECB/CBC/CFB/OFB/CTR/GCM/CCM/XTS modes. It also provides an SM4 implementation using A64 cryptographic instructions, tested with QEMU.
- SM9 - For the SM9 implementation, please refer to SM9实现及优化 (SM9 implementation and optimization).
- ZUC - The ZUC implementation uses SIMD, AES-NI and CLMUL on amd64 and arm64; for details, please refer to "Efficient Software Implementations of ZUC".
- CFCA - Some CFCA-specific implementations.
- CIPHER - ECB/CCM/XTS cipher modes; XTS mode also supports GB/T 17964-2021. The current XTS mode implementation is NOT safe for concurrent use!
- SMX509 - A fork of golang X509 that supports ShangMi.
- PKCS7 - A fork of mozilla-services/pkcs7 that supports ShangMi.
- PKCS8 - A fork of youmark/pkcs8 that supports ShangMi.
- ECDH - An implementation similar to golang ECDH that supports SM2 ECDH & SM2MQV without using big.Int, a replacement for SM2 key exchange. For details, please refer to "is my code constant time?".
- DRBG - Random number generation using deterministic random bit generators; for details, please refer to NIST Special Publication 800-90A and GM/T 0105-2021: CTR-DRBG using a derivation function, and HASH-DRBG. The NIST-related implementations are tested with part of the NIST-provided test vectors. It is NOT safe for concurrent use! You can also use the randomness tool to check the generated random bits.
- TLCP - An implementation of GB/T 38636-2020 Information security technology Transport Layer Cryptography Protocol (TLCP).
- PKCS12 - A fork of SSLMate/go-pkcs12 that supports ShangMi.
- MKSMCERT - A simple tool for making locally-trusted development ShangMi certificates, a fork of FiloSottile/mkcert.
The basic architecture, design and some of the code are from golang crypto.
The SM4 amd64 SIMD AES-NI implementation is inspired by code from mjosaarinen/sm4ni.
The original SM9/BN256 version is based on code from cloudflare/bn256.
The ZUC amd64 SIMD AES-NI, CLMUL implementation is inspired by code from Intel(R) Multi-Buffer Crypto for IPsec Library.
The pkcs7 is based on code from mozilla-services/pkcs7.
The pkcs8 is based on code from youmark/pkcs8.
Please read the disclaimer carefully!