准备发布 v0.1.0
- 添加 Apache-2.0 许可证 - 添加 CHANGELOG.md 变更日志 - 添加 SECURITY.md 安全策略 - 添加 README.zh-CN.md 中文文档 - 添加 rustfmt.toml 代码格式配置 - 添加 scripts/pre_publish_check.sh 发布检查脚本 - 更新 Cargo.toml 元数据(分类、关键词、文档链接) - 完善 README.md 示例代码 - 优化 SM2/SM9 性能和测试覆盖率
This commit is contained in:
+12
-24
@@ -13,14 +13,12 @@ use libsmx::sm2::{get_e, get_z, sign_with_k, verify, PrivateKey};
|
||||
fn test_sm2_sign_verify_with_known_key() {
|
||||
// GB/T 32918.2-2016 附录 A 私钥
|
||||
let d_bytes =
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8")
|
||||
.unwrap();
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8").unwrap();
|
||||
let k_bytes =
|
||||
hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21")
|
||||
.unwrap();
|
||||
hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21").unwrap();
|
||||
|
||||
let pri_key = PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap())
|
||||
.expect("私钥应有效");
|
||||
let pri_key =
|
||||
PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap()).expect("私钥应有效");
|
||||
let pub_key = pri_key.public_key();
|
||||
|
||||
let id = b"ALICE123@YAHOO.COM";
|
||||
@@ -43,15 +41,13 @@ fn test_sm2_sign_verify_with_known_key() {
|
||||
#[test]
|
||||
fn test_sm2_different_messages_different_sigs() {
|
||||
let d_bytes =
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8")
|
||||
.unwrap();
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8").unwrap();
|
||||
let pri_key = PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap()).unwrap();
|
||||
let pub_key = pri_key.public_key();
|
||||
|
||||
let id = b"test_user";
|
||||
let k = U256::from_be_slice(
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21")
|
||||
.unwrap(),
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21").unwrap(),
|
||||
);
|
||||
|
||||
let z = get_z(id, &pub_key);
|
||||
@@ -69,8 +65,7 @@ fn test_sm2_different_messages_different_sigs() {
|
||||
#[test]
|
||||
fn test_sm2_verify_tampered_message_fails() {
|
||||
let d_bytes =
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8")
|
||||
.unwrap();
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8").unwrap();
|
||||
let pri_key = PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap()).unwrap();
|
||||
let pub_key = pri_key.public_key();
|
||||
|
||||
@@ -80,8 +75,7 @@ fn test_sm2_verify_tampered_message_fails() {
|
||||
let e = get_e(&z, msg);
|
||||
|
||||
let k = U256::from_be_slice(
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21")
|
||||
.unwrap(),
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21").unwrap(),
|
||||
);
|
||||
let sig = sign_with_k(&e, &pri_key, &k).unwrap();
|
||||
|
||||
@@ -97,8 +91,7 @@ fn test_sm2_verify_tampered_message_fails() {
|
||||
#[test]
|
||||
fn test_sm2_verify_tampered_sig_fails() {
|
||||
let d_bytes =
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8")
|
||||
.unwrap();
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8").unwrap();
|
||||
let pri_key = PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap()).unwrap();
|
||||
let pub_key = pri_key.public_key();
|
||||
|
||||
@@ -108,24 +101,19 @@ fn test_sm2_verify_tampered_sig_fails() {
|
||||
let e = get_e(&z, msg);
|
||||
|
||||
let k = U256::from_be_slice(
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21")
|
||||
.unwrap(),
|
||||
&hex::decode("59276e27d506861a16680f3ad9c02dccef3cc1fa3cdbe4ce6d54b80deac1bc21").unwrap(),
|
||||
);
|
||||
let mut sig = sign_with_k(&e, &pri_key, &k).unwrap();
|
||||
sig[0] ^= 1; // 篡改 r 的第一字节
|
||||
|
||||
assert!(
|
||||
verify(&e, &pub_key, &sig).is_err(),
|
||||
"篡改签名后验签应失败"
|
||||
);
|
||||
assert!(verify(&e, &pub_key, &sig).is_err(), "篡改签名后验签应失败");
|
||||
}
|
||||
|
||||
/// Z 值计算确定性验证(相同输入产生相同 Z)
|
||||
#[test]
|
||||
fn test_sm2_z_value_deterministic() {
|
||||
let d_bytes =
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8")
|
||||
.unwrap();
|
||||
hex::decode("3945208f7b2144b13f36e38ac6d39f95889393692860b51a42fb81ef4df7c5b8").unwrap();
|
||||
let pri_key = PrivateKey::from_bytes(d_bytes.as_slice().try_into().unwrap()).unwrap();
|
||||
let pub_key = pri_key.public_key();
|
||||
|
||||
|
||||
+16
-8
@@ -12,9 +12,13 @@ use libsmx::sm3::Sm3Hasher;
|
||||
fn test_sm3_vector_a1_abc() {
|
||||
let msg = b"abc";
|
||||
let digest = Sm3Hasher::digest(msg);
|
||||
let expected = hex::decode("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0")
|
||||
.unwrap();
|
||||
assert_eq!(digest.as_slice(), expected.as_slice(), "GB/T 32905 附录 A.1 失败");
|
||||
let expected =
|
||||
hex::decode("66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0").unwrap();
|
||||
assert_eq!(
|
||||
digest.as_slice(),
|
||||
expected.as_slice(),
|
||||
"GB/T 32905 附录 A.1 失败"
|
||||
);
|
||||
}
|
||||
|
||||
/// GB/T 32905-2016 附录 A.2
|
||||
@@ -24,9 +28,13 @@ fn test_sm3_vector_a1_abc() {
|
||||
fn test_sm3_vector_a2_64bytes() {
|
||||
let msg = b"abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd";
|
||||
let digest = Sm3Hasher::digest(msg);
|
||||
let expected = hex::decode("debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732")
|
||||
.unwrap();
|
||||
assert_eq!(digest.as_slice(), expected.as_slice(), "GB/T 32905 附录 A.2 失败");
|
||||
let expected =
|
||||
hex::decode("debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732").unwrap();
|
||||
assert_eq!(
|
||||
digest.as_slice(),
|
||||
expected.as_slice(),
|
||||
"GB/T 32905 附录 A.2 失败"
|
||||
);
|
||||
}
|
||||
|
||||
/// 流式接口与单次接口结果一致性验证
|
||||
@@ -48,7 +56,7 @@ fn test_sm3_streaming_equals_oneshot() {
|
||||
#[test]
|
||||
fn test_sm3_empty_message() {
|
||||
let digest = Sm3Hasher::digest(b"");
|
||||
let expected = hex::decode("1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b")
|
||||
.unwrap();
|
||||
let expected =
|
||||
hex::decode("1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b").unwrap();
|
||||
assert_eq!(digest.as_slice(), expected.as_slice(), "SM3 空消息测试失败");
|
||||
}
|
||||
|
||||
@@ -4,8 +4,8 @@
|
||||
|
||||
use libsmx::sm9::{
|
||||
generate_enc_master_keypair, generate_enc_user_key, generate_sign_master_keypair,
|
||||
generate_sign_user_key, sm9_decrypt, sm9_encrypt, sm9_sign, sm9_verify,
|
||||
Sm9EncPubKey, Sm9MasterPrivKey, Sm9SignPubKey,
|
||||
generate_sign_user_key, sm9_decrypt, sm9_encrypt, sm9_sign, sm9_verify, Sm9EncPubKey,
|
||||
Sm9SignPubKey,
|
||||
};
|
||||
use rand_core::RngCore;
|
||||
|
||||
@@ -180,11 +180,11 @@ mod pairing_reference_tests {
|
||||
/// This tests with a hardcoded known-good pairing value
|
||||
#[test]
|
||||
fn test_pairing_against_sm9core() {
|
||||
use sm9_core::{G1, G2, Group};
|
||||
use libsmx::sm9::fields::fp12::fp12_to_bytes;
|
||||
use libsmx::sm9::groups::g1::G1Affine;
|
||||
use libsmx::sm9::groups::g2::G2Affine;
|
||||
use libsmx::sm9::pairing::pairing;
|
||||
use libsmx::sm9::fields::fp12::fp12_to_bytes;
|
||||
use sm9_core::{Group, G1, G2};
|
||||
|
||||
// Get sm9_core reference pairing of generators
|
||||
let g1_ref = G1::one();
|
||||
@@ -201,7 +201,7 @@ mod pairing_reference_tests {
|
||||
// Print both for debugging
|
||||
println!("sm9_core ref bytes[0..32]: {:02x?}", &ref_bytes[0..32]);
|
||||
println!("our bytes[0..32]: {:02x?}", &our_bytes[0..32]);
|
||||
|
||||
|
||||
// They can't be directly compared due to different tower structures
|
||||
// But we can verify by checking if our e(G1,G2)^order == 1
|
||||
// For now, just print to help diagnose
|
||||
|
||||
Reference in New Issue
Block a user