GmSSL是国密实验室提供的国密加解密组件,依赖于openssl1.1.1版本;centos7系统默认安装的openssl是1.0.2,因此需要安装openssl-1.1.1
安装
#!/bin/bash
basepath=$(cd `dirname $0`; pwd)
echo "安装openssl-1.1.1"
cd ${basepath}
tar -zxvf ${basepath}/openssl-1.1.1p.tar.gz
cd ${basepath}/openssl-1.1.1p
./config
make
make install
echo "/usr/local/lib64/" >> /etc/ld.so.conf
ldconfig
mv /usr/bin/openssl /usr/bin/openssl.old
ln -sv /usr/local/bin/openssl /usr/bin/openssl
echo "安装GmSSL"
cd ${basepath}
unzip ${basepath}/GmSSL-master.zip
cd ${basepath}/GmSSL-master
./config
make
make install
echo "export LD_LIBRARY_PATH=/usr/local/lib:\$LD_LIBRARY_PATH" >> /etc/profile
生成秘钥
openssl ecparam -genkey -name SM2 -out priv.key
生成公钥
openssl ec -in priv.key -pubout -out pub.key
加密
gmssl sm2utl -encrypt -in msg.txt -pubin -inkey pub.key -out enced.der
解密
gmssl sm2utl -decrypt -in enced.der -inkey priv.key