C# SM2加解密 ——国密SM2算法

yc_1224

已于 2024-03-12 14:29:21 修改

阅读量1.8k

点赞数 4

分类专栏： C# SM2加解密文章标签： c# SM2国密

于 2024-03-12 14:21:04 首次发布

本文链接：https://blog.csdn.net/cn_514/article/details/136651023

版权

C# 同时被 2 个专栏收录

63 篇文章 3 订阅

订阅专栏

SM2加解密

1 篇文章 0 订阅

订阅专栏

SM2 是国家密码管理局组织制定并提出的椭圆曲线密码算法标准。

本文使用第三方密码库 BouncyCastle 实现 SM2 加解密，使用 NuGet 安装即可，包名：Portable.BouncyCastle，目前最新版本为：1.9.0。

using Org.BouncyCastle.Asn1.GM;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Math.EC;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Utilities.Encoders;
using System;
using System.Collections.Generic;
using System.Text;

namespace AI_SXPA.Utility
{
    /// <summary>
    /// 可用
    /// </summary>
    public class Sm2Util
    {
        /// <summary>
        ///     加密模式
        /// </summary>
        public enum Mode
        {
            C1C2C3,
            C1C3C2
        }

        private readonly Mode _mode;
        private readonly string _privkey;

        private ICipherParameters _privateKeyParameters;
        private string _pubkey;

        private ICipherParameters _publicKeyParameters;

        public Sm2Util(string pubkey, string privkey, Mode mode = Mode.C1C3C2, bool isPkcs8 = false)
        {
            if (pubkey != null)
                _pubkey = pubkey;
            if (privkey != null)
                _privkey = privkey;
            _mode = mode;
        }

        public Sm2Util(string pubkey, Mode mode = Mode.C1C3C2, bool isPkcs8 = false)
        {
            if (pubkey != null)
                _pubkey = pubkey;
            _mode = mode;
        }

        private ICipherParameters PrivateKeyParameters
        {
            get
            {
                try
                {
                    var r = _privateKeyParameters;
                    if (r == null)
                        r = _privateKeyParameters =
                            new ECPrivateKeyParameters(new BigInteger(_privkey, 16),
                                new ECDomainParameters(GMNamedCurves.GetByName("SM2P256V1")));
                    return r;
                }
                catch (Exception ex)
                {
                    return null;
                }
            }
        }

        private ICipherParameters PublicKeyParameters
        {
            get
            {
                try
                {
                    var r = _publicKeyParameters;
                    if (r == null)
                    {
                        //截取64字节有效的SM2公钥（如果公钥首个字节为0x04）
                        if (_pubkey.Length > 128) _pubkey = _pubkey.Substring(_pubkey.Length - 128);
                        //将公钥拆分为x,y分量（各32字节）
                        var stringX = _pubkey.Substring(0, 64);
                        var stringY = _pubkey.Substring(stringX.Length);
                        //将公钥x、y分量转换为BigInteger类型
                        var x = new BigInteger(stringX, 16);
                        var y = new BigInteger(stringY, 16);
                        //通过公钥x、y分量创建椭圆曲线公钥规范
                        var x9Ec = GMNamedCurves.GetByName("SM2P256V1");
                        r = _publicKeyParameters = new ECPublicKeyParameters(x9Ec.Curve.CreatePoint(x, y),
                            new ECDomainParameters(x9Ec));
                    }

                    return r;
                }
                catch (Exception ex)
                {
                    return null;
                }
            }
        }

        /// <summary>
        ///     生成秘钥对
        /// </summary>
        /// <returns></returns>
        public static Dictionary<string, string> GenerateKeyPair()
        {
            string[] param =
            {
                "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF", // p,0
                "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC", // a,1
                "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93", // b,2
                "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", // n,3
                "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7", // gx,4
                "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0" // gy,5
            };
            var eccParam = param;

            var eccP = new BigInteger(eccParam[0], 16);
            var eccA = new BigInteger(eccParam[1], 16);
            var eccB = new BigInteger(eccParam[2], 16);
            var eccN = new BigInteger(eccParam[3], 16);
            var eccGx = new BigInteger(eccParam[4], 16);
            var eccGy = new BigInteger(eccParam[5], 16);
            ECFieldElement element = new FpFieldElement(eccP, eccGx);
            ECFieldElement ecFieldElement = new FpFieldElement(eccP, eccGy);

            ECCurve eccCurve = new FpCurve(eccP, eccA, eccB);
            ECPoint eccPointG = new FpPoint(eccCurve, element, ecFieldElement);

            var bcSpec = new ECDomainParameters(eccCurve, eccPointG, eccN);
            var ecgenparam = new ECKeyGenerationParameters(bcSpec, new SecureRandom());
            var generator = new ECKeyPairGenerator();
            generator.Init(ecgenparam);

            var key = generator.GenerateKeyPair();
            var ecpriv = (ECPrivateKeyParameters)key.Private;
            var ecpub = (ECPublicKeyParameters)key.Public;
            var privateKey = ecpriv.D;
            var publicKey = ecpub.Q;
            var dic = new Dictionary<string, string>();
            dic.Add("pubkey", Encoding.Default.GetString(Hex.Encode(publicKey.GetEncoded())));
            dic.Add("prikey", Encoding.Default.GetString(Hex.Encode(privateKey.ToByteArray())));
            //dic.Add("pubkey", Encoding.Default.GetString(Hex.Encode(publicKey.GetEncoded())).ToUpper());           
            //dic.Add("prikey", Encoding.Default.GetString(Hex.Encode(privateKey.ToByteArray())).ToUpper());
            return dic;
        }
        /// <summary>
        /// 解密
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        public byte[] Decrypt(byte[] data)
        {
            try
            {
                if (_mode == Mode.C1C3C2)
                    data = C132ToC123(data);
                var sm2 = new SM2Engine(new SM3Digest());
                sm2.Init(false, PrivateKeyParameters);
                return sm2.ProcessBlock(data, 0, data.Length);
            }
            catch (Exception ex)
            {
                return null;
            }
        }
        /// <summary>
        /// 加密
        /// </summary>
        /// <param name="data"></param>
        /// <returns></returns>
        public byte[] Encrypt(byte[] data)
        {
            try
            {
                var sm2 = new SM2Engine(new SM3Digest());
                sm2.Init(true, new ParametersWithRandom(PublicKeyParameters));
                data = sm2.ProcessBlock(data, 0, data.Length);
                if (_mode == Mode.C1C3C2)
                    data = C123ToC132(data);
                return data;
            }
            catch (Exception ex)
            {
                return null;
            }
        }

        private static byte[] C123ToC132(byte[] c1c2c3)
        {
            var gn = GMNamedCurves.GetByName("SM2P256V1");
            var c1Len = (gn.Curve.FieldSize + 7) / 8 * 2 + 1;
            var c3Len = 32;
            var result = new byte[c1c2c3.Length];
            Array.Copy(c1c2c3, 0, result, 0, c1Len); //c1
            Array.Copy(c1c2c3, c1c2c3.Length - c3Len, result, c1Len, c3Len); //c3
            Array.Copy(c1c2c3, c1Len, result, c1Len + c3Len, c1c2c3.Length - c1Len - c3Len); //c2
            return result;
        }

        private static byte[] C132ToC123(byte[] c1c3c2)
        {
            var gn = GMNamedCurves.GetByName("SM2P256V1");
            var c1Len = (gn.Curve.FieldSize + 7) / 8 * 2 + 1;
            var c3Len = 32;
            var result = new byte[c1c3c2.Length];
            Array.Copy(c1c3c2, 0, result, 0, c1Len); //c1: 0->65
            Array.Copy(c1c3c2, c1Len + c3Len, result, c1Len, c1c3c2.Length - c1Len - c3Len); //c2
            Array.Copy(c1c3c2, c1Len, result, c1c3c2.Length - c3Len, c3Len); //c3
            return result;
        }

        /// <summary>
        ///     字节数组转16进制原码字符串
        /// </summary>
        /// <param name="bytes"></param>
        /// <returns></returns>
        public static string BytesToHexStr(byte[] bytes)
        {
            var str = "";
            if (bytes != null)
                for (var i = 0; i < bytes.Length; i++)
                    str += bytes[i].ToString("X2");
            return str;
        }

        /// <summary>
        ///     16进制原码字符串转字节数组
        /// </summary>
        /// <param name="hexStr">"AABBCC"或"AA BB CC"格式的字符串</param>
        /// <returns></returns>
        public static byte[] HexStrToBytes(string hexStr)
        {
            hexStr = hexStr.Replace(" ", "");
            if (hexStr.Length % 2 != 0) throw new ArgumentException("参数长度不正确,必须是偶数位。");
            var bytes = new byte[hexStr.Length / 2];
            for (var i = 0; i < bytes.Length; i++)
            {
                var b = Convert.ToByte(hexStr.Substring(i * 2, 2), 16);
                bytes[i] = b;
            }

            return bytes;
        }
    }
}

SM2 加解密联调时踩坑
1、密文数据，有些加密硬件出来密文结构为 C1|C2|C3 ，有些为 C1|C3|C2 , 需要对应密文结构做解密操作
2、有些加密硬件，公钥前加04 ，私钥前加00，密文前加04 ，在处理时候，可以根据长度处理，尤其 04 的处理。

在线验证：在线SM2加密解密,生成公钥/私钥对 (config.net.cn)