A Python ctypes implementation of GmSSLv3.1.1
Project description
pygmssl
A Python ctypes GmSSLv3.1.1 implementation
INSTALL
install GmSSLv3.1.1
git clone https://github.com/guanzhi/GmSSL.git
cd GmSSL && git checkout tags/v3.1.1
mkdir build && cd build && cmake ..
make && make test && sudo make install
sudo ldconfig
# check gmssl installed
gmssl version
install pygmssl
python -m pip install pygmssl
USAGE
SM3
from pygmssl.sm3 import SM3
# sm3 hash all data
data = b'hello, world'
assert SM3(data).hexdigest() == '02df30dff15f2ccb72bffdcb44e68d4d09974036dc7a6927e556fbef421c7f34'
# sm3 hash data by part
s3 = SM3()
for part_data in [b'hel', b'lo', b', world']:
s3.update(part_data)
assert s3.hexdigest() == '02df30dff15f2ccb72bffdcb44e68d4d09974036dc7a6927e556fbef421c7f34'
# sm3 hash with sm2 public key and id extra
# if not id, id will be sm2 default id, which is b'1234567812345678'
sm2_pub_key = b'\xe8G\x0be\xc3P\x12\x10\xa9+\xe6n%\x9dc\xe9\xed\xaeBEf\xab\xd0\x12t\x01RQ\xb8\xceJ\xb0\x9b;\x17\xbb.\xf7i\x00\x18Nq~\xa3\xf4n\xf8\xd7\xdd%m-@\xa3\xc3tv\xe4\xe2\xf7\x81\x83\xe0'
assert SM3.hash_with_sm2(data, sm2_pub_key).hexdigest() == 'cad9730d3d178bf4c234ab7d2b1fc39569af314faecda258f30ee92456f53d2f'
assert SM3.hash_with_sm2(data, sm2_pub_key, id=b'1234567812345678').hexdigest() == 'cad9730d3d178bf4c234ab7d2b1fc39569af314faecda258f30ee92456f53d2f'
assert SM3.hash_with_sm2(data, sm2_pub_key, id=b'123').hexdigest() == 'd5ba879b0197c1a528283ff9a2b25f347474749b27ab5fd7c8a55648fff1f861'
# sm3 hash with sm2 public key by part
s3 = SM3.hash_with_sm2(b'', sm2_pub_key)
for part_data in [b'hel', b'lo', b', world']:
s3.update(part_data)
assert s3.hexdigest() == 'cad9730d3d178bf4c234ab7d2b1fc39569af314faecda258f30ee92456f53d2f'
SM3-HMAC
from pygmssl.sm3 import SM3HMAC
# sm3 hmac all data
data = b'hello, world'
assert SM3HMAC(key=b'123', data=data).hexdigest() == '4410e0fef1ae0a641c7c4f1a7f6c7cef5b992f80607d5275f669d8942a77cc08'
# sm3 hmac data by part
s3 = SM3HMAC(key=b'123')
for part_data in [b'hel', b'lo', b', world']:
s3.update(part_data)
assert s3.hexdigest() == '4410e0fef1ae0a641c7c4f1a7f6c7cef5b992f80607d5275f669d8942a77cc08'
SM4
from pygmssl.sm4 import SM4, MOD
# CBC, must 16 bytes key and 16 bytes iv
key = b'F\x7f\x8e7\x05\xc8\x14\x92\xa8P\x8feGx\xf6\xfc'
iv = b'W\xd3,A\x97L\x0e\xfd\xbe\xb5@\xa9\xb0\xe2L\xdf'
cipher = SM4(key, mode=MOD.CBC, iv=iv)
data = b'hello, world'
assert cipher.decrypt(cipher.encrypt(data)) == data
SM2
from pygmssl.sm2 import SM2
# generate sm2 private key and public key
s2 = SM2.generate_new_pair()
print(s2.pub_key) # 64 byte public key
print(s2.pri_key) # 32 byte private key
# 64 byte public_key or 65 byte public key(which is b'\x04' + 64 byte)
test_pub_key = b'\xe8G\x0be\xc3P\x12\x10\xa9+\xe6n%\x9dc\xe9\xed\xaeBEf' \
b'\xab\xd0\x12t\x01RQ\xb8\xceJ\xb0\x9b;\x17\xbb.\xf7i\x00' \
b'\x18Nq~\xa3\xf4n\xf8\xd7\xdd%m-@\xa3\xc3tv\xe4\xe2\xf7\x81\x83\xe0'
test_pri_key = b'\x87\x95\x84V\xcej\x8cq\xd1\x10\x94\xa7\xb7\x8d\xc1\x9a' \
b'\x98\xcf\xe7\x84\x90\x9d\x8d\xd2\xff\xb4\xaeo2\xb8j\x1b'
# SM2 sign and verify with default id
signer = SM2(pub_key=test_pub_key, pri_key=test_pri_key)
data = b'hello, world'
sig = signer.sign(data) # if not id, id will be sm2.SM2_DEFAULT_ID
assert signer.verify(data, sig) == True
# SM2 sign and verify with id
signer2 = SM2(pub_key=test_pub_key, pri_key=test_pri_key)
data = b'hello, world'
sig = signer2.sign(data, id=b'123') # if not id, id will be sm2.SM2_DEFAULT_ID
assert signer2.verify(data, sig, id=b'123') == True
assert signer2.verify(data + b'\x00', sig, id=b'123') == False # libgmssl will print some fail info
# 如果Java sign可能给出的不是asn1 der格式的sig, 签名和验签的时候指定asn1=True, 将会获取签名后的64位实际数据
zk = SM2(pub_key=test_pub_key, pri_key=test_pri_key)
data = b'hello, world'
sig = zk.sign(data, id=b'123', asn1=True)
assert len(sig) == 64
assert zk.verify(data, sig, id=b'123', asn1=True) == True
# SM2 encrypt and decrypt, data's length <= sm2.SM2_MAX_PLAINTEXT_SIZE
en = SM2(pub_key=test_pub_key)
data = b'hello, world'
s_data = en.encrypt(data)
de = SM2(pri_key=test_pri_key)
d_data = de.decrypt(s_data)
assert d_data == data
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pygmssl-0.1.2.tar.gz
(8.6 kB
view details)
Built Distribution
File details
Details for the file pygmssl-0.1.2.tar.gz.
File metadata
- Download URL: pygmssl-0.1.2.tar.gz
- Upload date:
- Size: 8.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.9.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 691c157f9ae10d78a99df1a8dd27a7f926a3b5da80b5b714aaf21eb527d46d32 |
|
| MD5 | 90c8c3a002361d9afd46000083255c8e |
|
| BLAKE2b-256 | 89cb0e0b57d4aa329315681f5564e9a3b0b540022d20412b7fba4924d1173151 |
File details
Details for the file pygmssl-0.1.2-py3-none-any.whl.
File metadata
- Download URL: pygmssl-0.1.2-py3-none-any.whl
- Upload date:
- Size: 8.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/5.0.0 CPython/3.9.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 0cbfa7c06752680ff7dc933f4070925d483f64a594ef41631a16428038d69c10 |
|
| MD5 | 57d4861e7b8a177326c16c4f197c5410 |
|
| BLAKE2b-256 | 8d90cc48779ccedc2a19d360b145ad9771a4a456bb18d8de2dd67a1b685c69a0 |
