前言
刚开始用同事给的包一直报错。后来尝试用JavaScript的方法,找了好久只找到加密的,好不容易找到一个有解密的,结果解密出来的是空字符串。后来找了一个java的在maven环境下能正常使用的。开启了改造这个的过程:
参考链接:
完整demo下载链接
https://download.csdn.net/download/latin_06/87767085
1、新建java项目sm2Demo
pom
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.64</version>
</dependency>
引入SM2Util工具类
package com.utils;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.asn1.x9.X9ECPoint;
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
import org.bouncycastle.crypto.params.*;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.util.encoders.Hex;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.math.BigInteger;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
public class SM2Util {
private final static Logger serverLogger = LoggerFactory.getLogger(SM2Util.class);
/**
* 生成国密公私钥对
*
* @return
* @throws Exception
*/
public static List<String> genKeyPair() throws Exception {
//生成密钥对
X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
keyPairGenerator.init(new ECKeyGenerationParameters(domainParameters, SecureRandom.getInstance("SHA1PRNG")));
AsymmetricCipherKeyPair asymmetricCipherKeyPair = keyPairGenerator.generateKeyPair();
//私钥,16进制格式,自己保存,格式如a2081b5b81fbea0b6b973a3ab6dbbbc65b1164488bf22d8ae2ff0b8260f64853
BigInteger privatekey = ((ECPrivateKeyParameters) asymmetricCipherKeyPair.getPrivate()).getD();
String privateKeyHex = privatekey.toString(16);
//公钥,16进制格式,发给前端,格式如04813d4d97ad31bd9d18d785f337f683233099d5abed09cb397152d50ac28cc0ba43711960e811d90453db5f5a9518d660858a8d0c57e359a8bf83427760ebcbba
ECPoint ecPoint = ((ECPublicKeyParameters) asymmetricCipherKeyPair.getPublic()).getQ();
String publicKeyHex = Hex.toHexString(ecPoint.getEncoded(false));
List<String> result = new ArrayList<>();
result.add(publicKeyHex);
result.add(privateKeyHex);
return result;
}
/**
* 加密SM2
*
* @param plaintext 明文
* @return 密文
*/
public static String encrypt(String plaintext,String publicKey) {
byte[] plaintextByte = Base64.getEncoder().encode(plaintext.getBytes());
X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
ECDomainParameters domainParams = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
X9ECPoint localX9ECPoint = new X9ECPoint(sm2ECParameters.getCurve(), Hex.decode(publicKey.getBytes()));
ECPublicKeyParameters pk = new ECPublicKeyParameters(localX9ECPoint.getPoint(), domainParams);
CipherParameters pubKeyParameters = new ParametersWithRandom(pk);
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.init(true, pubKeyParameters);
try {
return Hex.toHexString(sm2Engine.processBlock(plaintextByte, 0, plaintextByte.length));
} catch (InvalidCipherTextException e) {
e.printStackTrace();
}
return null;
}
/**
* 根据privateKey对加密数据encodedata,使用SM2解密
*
* @return
*/
public static String decrypt(String cipherData, String privateKey)throws Exception {
byte[] cipherDataByte = Hex.decode(cipherData);
//刚才的私钥Hex,先还原私钥
BigInteger privateKeyD = new BigInteger(privateKey, 16);
X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
//用私钥解密
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.init(false, privateKeyParameters);
//processBlock得到Base64格式,记得解码
byte[] arrayOfBytes = Base64.getDecoder().decode(sm2Engine.processBlock(cipherDataByte, 0, cipherDataByte.length));
//得到明文:SM2 Encryption Test
return new String(arrayOfBytes);
}
// public static void main(String[] args)throws Exception {
// List<String> keys = genKeyPair();// 生成密钥对,公钥加密,私钥解密
// System.out.println(keys);
// String mima = encrypt("libai李白",keys.get(0));
// String jiemi = decrypt(mima,keys.get(1));
// System.out.println("加密后字符串:"+mima );
// System.out.println("解密后字符串:"+jiemi );
// }
}
如上的main方法包括了生成密钥对,加密、解密,但是如上是在JDK1.8环境且是使用了maven的情况。现在要改造如下:
找到依赖的maven对应的jar包:
新建只有解密的类SM2
PS:注意如下的Base64不能用java.util.Base64这是jdk1.8才有的
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.util.encoders.Hex;
import java.math.BigInteger;
import org.bouncycastle.util.encoders.Base64;
//import java.util.Base64;
public class SM2 {
public static byte[] decrypt2(String cipherData, String privateKey) throws Exception {
byte[] cipherDataByte = Hex.decode(cipherData);
//刚才的私钥Hex,先还原私钥
BigInteger privateKeyD = new BigInteger(privateKey, 16);
X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
//用私钥解密
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.init(false, privateKeyParameters);
//processBlock得到Base64格式,记得解码
// byte[] arrayOfBytes = Base64.getDecoder().decode(sm2Engine.processBlock(cipherDataByte, 0, cipherDataByte.length));
//得到明文:SM2 Encryption Test
// return new String(arrayOfBytes);
return sm2Engine.processBlock(cipherDataByte, 0, cipherDataByte.length);
}
public static String decrypt(String cipherData, String privateKey) throws Exception {
byte[] cipherDataByte = Hex.decode(cipherData);
//刚才的私钥Hex,先还原私钥
BigInteger privateKeyD = new BigInteger(privateKey, 16);
X9ECParameters sm2ECParameters = GMNamedCurves.getByName("sm2p256v1");
ECDomainParameters domainParameters = new ECDomainParameters(sm2ECParameters.getCurve(), sm2ECParameters.getG(), sm2ECParameters.getN());
ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKeyD, domainParameters);
//用私钥解密
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.init(false, privateKeyParameters);
//processBlock得到Base64格式,记得解码
byte[] arrayOfBytes = Base64.decode(sm2Engine.processBlock(cipherDataByte, 0, cipherDataByte.length));
//得到明文:SM2 Encryption Test
return new String(arrayOfBytes);
}
public static void main(String[] args) throws Exception {
String privKey = "c63f6353bd1ee1a32db4491508b64055f5bdbb6e1ee9655830936894aa6a0743";
String mi = "046082eda9a52eb589246b95805052aa82806a6aa66c100cd21ce6f06a3e5a273f1853b0dd7506aa19c452a16b1b89b7c65754b5e685067daf93c85a990c20dd7a2e7bce4f43be317984b19da31188a626d95ef6c3072b6ea3dec8d14ac16e8af7d38d6bebff61066522de05e7ef688494e48e7e5556babdb4";
String jiemi2 = decrypt(mi,privKey);
System.out.println("解密后字符串:"+jiemi2 );
}
}
总结
maven工程改造成非maven的项目,只要找到maven的pom中下载的jar包,并引入就行了。