All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.dromara.hutool.crypto.bc.SmUtil Maven / Gradle / Ivy

Go to download

Hutool是一个优雅而小巧的Java工具类库

There is a newer version: 6.0.0.M3
Show newest version
/*
 * Copyright (c) 2013-2024 Hutool Team and hutool.cn
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.dromara.hutool.crypto.bc;

import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.gm.GMNamedCurves;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.crypto.params.ECDomainParameters;
import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
import org.bouncycastle.crypto.params.ECPublicKeyParameters;
import org.bouncycastle.crypto.signers.StandardDSAEncoding;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;
import org.dromara.hutool.core.array.ArrayUtil;
import org.dromara.hutool.core.io.IORuntimeException;
import org.dromara.hutool.crypto.CryptoException;
import org.dromara.hutool.crypto.asymmetric.SM2;
import org.dromara.hutool.crypto.digest.mac.HMac;
import org.dromara.hutool.crypto.digest.mac.HmacAlgorithm;
import org.dromara.hutool.crypto.digest.SM3;
import org.dromara.hutool.crypto.digest.mac.BCHMacEngine;
import org.dromara.hutool.crypto.digest.mac.MacEngine;
import org.dromara.hutool.crypto.symmetric.SM4;
import org.dromara.hutool.crypto.symmetric.SymmetricCrypto;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.PublicKey;

/**
 * SM国密算法工具类

 * 此工具类依赖org.bouncycastle:bcprov-jdk18on
 *
 * 
封装包括:

 * 
    
 *     
  • SM2 椭圆曲线非对称加密和签名 asymmetric
    • 
 *     
  • SM3 杂凑算法 哈希算法 摘要算法 digest
    • 
 *     
  • SM4 对称加密 symmetric
    • 
 * 

 * @see SM2 sm2,asymmetric,不对称
 * @see SM3 sm3,digest,摘要
 * @see SM4 sm4,symmetric,对称
 *
 * @author looly
 * @since 4.3.2
 */
public class SmUtil {

	private final static int RS_LEN = 32;
	/**
	 * SM2默认曲线
	 */
	public static final String SM2_CURVE_NAME = "sm2p256v1";
	/**
	 * SM2推荐曲线参数(来自https://github.com/ZZMarquis/gmhelper)
	 */
	public static final ECDomainParameters SM2_DOMAIN_PARAMS = BCUtil.toDomainParams(GMNamedCurves.getByName(SM2_CURVE_NAME));
	/**
	 * SM2国密算法公钥参数的Oid标识
	 */
	public static final ASN1ObjectIdentifier ID_SM2_PUBLIC_KEY_PARAM = new ASN1ObjectIdentifier("1.2.156.10197.1.301");

	/**
	 * 创建SM2算法对象

	 * 生成新的私钥公钥对
	 *
	 * @return {@link SM2}
	 */
	public static SM2 sm2() {
		return new SM2();
	}

	/**
	 * 创建SM2算法对象

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个,如此则只能使用此钥匙来做加密或者解密
	 *
	 * @param privateKeyStr 私钥Hex或Base64表示
	 * @param publicKeyStr  公钥Hex或Base64表示
	 * @return {@link SM2}
	 */
	public static SM2 sm2(final String privateKeyStr, final String publicKeyStr) {
		return new SM2(privateKeyStr, publicKeyStr);
	}

	/**
	 * 创建SM2算法对象

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个,如此则只能使用此钥匙来做加密或者解密
	 *
	 * @param privateKey 私钥,必须使用PKCS#8规范
	 * @param publicKey  公钥,必须使用X509规范
	 * @return {@link SM2}
	 */
	public static SM2 sm2(final byte[] privateKey, final byte[] publicKey) {
		return new SM2(privateKey, publicKey);
	}

	/**
	 * 创建SM2算法对象

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个,如此则只能使用此钥匙来做加密或者解密
	 *
	 * @param privateKey 私钥
	 * @param publicKey  公钥
	 * @return {@link SM2}
	 * @since 5.5.9
	 */
	public static SM2 sm2(final PrivateKey privateKey, final PublicKey publicKey) {
		return new SM2(privateKey, publicKey);
	}

	/**
	 * 创建SM2算法对象

	 * 私钥和公钥同时为空时生成一对新的私钥和公钥

	 * 私钥和公钥可以单独传入一个,如此则只能使用此钥匙来做加密或者解密
	 *
	 * @param privateKeyParams 私钥参数
	 * @param publicKeyParams  公钥参数
	 * @return {@link SM2}
	 * @since 5.5.9
	 */
	public static SM2 sm2(final ECPrivateKeyParameters privateKeyParams, final ECPublicKeyParameters publicKeyParams) {
		return new SM2(privateKeyParams, publicKeyParams);
	}

	/**
	 * SM3加密

	 * 例:

	 * SM3加密:sm3().digest(data)

	 * SM3加密并转为16进制字符串:sm3().digestHex(data)

	 *
	 * @return {@link SM3}
	 */
	public static SM3 sm3() {
		return new SM3();
	}

	/**
	 * SM3加密,可以传入盐
	 *
	 * @param salt 加密盐
	 * @return {@link SM3}
	 * @since 5.7.16
	 */
	public static SM3 sm3WithSalt(final byte[] salt) {
		return new SM3(salt);
	}

	/**
	 * SM3加密,生成16进制SM3字符串

	 *
	 * @param data 数据
	 * @return SM3字符串
	 */
	public static String sm3(final String data) {
		return sm3().digestHex(data);
	}

	/**
	 * SM3加密,生成16进制SM3字符串

	 *
	 * @param data 数据
	 * @return SM3字符串
	 */
	public static String sm3(final InputStream data) {
		return sm3().digestHex(data);
	}

	/**
	 * SM3加密文件,生成16进制SM3字符串

	 *
	 * @param dataFile 被加密文件
	 * @return SM3字符串
	 */
	public static String sm3(final File dataFile) {
		return sm3().digestHex(dataFile);
	}

	/**
	 * SM4加密,生成随机KEY。注意解密时必须使用相同 {@link SymmetricCrypto}对象或者使用相同KEY

	 * 例:
	 *
	 * 
	 * SM4加密:sm4().encrypt(data)
	 * SM4解密:sm4().decrypt(data)
	 * 

	 *
	 * @return {@link SymmetricCrypto}
	 */
	public static SM4 sm4() {
		return new SM4();
	}

	/**
	 * SM4加密

	 * 例:
	 *
	 * 
	 * SM4加密:sm4(key).encrypt(data)
	 * SM4解密:sm4(key).decrypt(data)
	 * 

	 *
	 * @param key 密钥
	 * @return {@link SM4}
	 */
	public static SM4 sm4(final byte[] key) {
		return new SM4(key);
	}

	/**
	 * bc加解密使用旧标c1||c2||c3,此方法在加密后调用,将结果转化为c1||c3||c2
	 *
	 * @param c1c2c3             加密后的bytes,顺序为C1C2C3
	 * @param ecDomainParameters {@link ECDomainParameters}
	 * @return 加密后的bytes,顺序为C1C3C2
	 */
	public static byte[] changeC1C2C3ToC1C3C2(final byte[] c1c2c3, final ECDomainParameters ecDomainParameters) {
		// sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。
		final int c1Len = (ecDomainParameters.getCurve().getFieldSize() + 7) / 8 * 2 + 1;
		final int c3Len = 32; // new SM3Digest().getDigestSize();
		final byte[] result = new byte[c1c2c3.length];
		System.arraycopy(c1c2c3, 0, result, 0, c1Len); // c1
		System.arraycopy(c1c2c3, c1c2c3.length - c3Len, result, c1Len, c3Len); // c3
		System.arraycopy(c1c2c3, c1Len, result, c1Len + c3Len, c1c2c3.length - c1Len - c3Len); // c2
		return result;
	}

	/**
	 * bc加解密使用旧标c1||c3||c2,此方法在解密前调用,将密文转化为c1||c2||c3再去解密
	 *
	 * @param c1c3c2             加密后的bytes,顺序为C1C3C2
	 * @param ecDomainParameters {@link ECDomainParameters}
	 * @return c1c2c3 加密后的bytes,顺序为C1C2C3
	 */
	public static byte[] changeC1C3C2ToC1C2C3(final byte[] c1c3c2, final ECDomainParameters ecDomainParameters) {
		// sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。
		final int c1Len = (ecDomainParameters.getCurve().getFieldSize() + 7) / 8 * 2 + 1;
		final int c3Len = 32; // new SM3Digest().getDigestSize();
		final byte[] result = new byte[c1c3c2.length];
		System.arraycopy(c1c3c2, 0, result, 0, c1Len); // c1: 0->65
		System.arraycopy(c1c3c2, c1Len + c3Len, result, c1Len, c1c3c2.length - c1Len - c3Len); // c2
		System.arraycopy(c1c3c2, c1Len, result, c1c3c2.length - c3Len, c3Len); // c3
		return result;
	}

	/**
	 * BC的SM3withSM2签名得到的结果的rs是asn1格式的,这个方法转化成直接拼接r||s
	 *
	 * @param rsDer rs in asn1 format
	 * @return sign result in plain byte array
	 * @since 4.5.0
	 */
	public static byte[] rsAsn1ToPlain(final byte[] rsDer) {
		final BigInteger[] decode;
		try {
			decode = StandardDSAEncoding.INSTANCE.decode(SM2_DOMAIN_PARAMS.getN(), rsDer);
		} catch (final IOException e) {
			throw new IORuntimeException(e);
		}

		final byte[] r = toFixedLengthBytes(decode[0]);
		final byte[] s = toFixedLengthBytes(decode[1]);

		return ArrayUtil.addAll(r, s);
	}

	/**
	 * BC的SM3withSM2验签需要的rs是asn1格式的,这个方法将直接拼接r||s的字节数组转化成asn1格式
	 *
	 * @param sign in plain byte array
	 * @return rs result in asn1 format
	 * @since 4.5.0
	 */
	public static byte[] rsPlainToAsn1(final byte[] sign) {
		if (sign.length != RS_LEN * 2) {
			throw new CryptoException("err rs. ");
		}
		final BigInteger r = new BigInteger(1, Arrays.copyOfRange(sign, 0, RS_LEN));
		final BigInteger s = new BigInteger(1, Arrays.copyOfRange(sign, RS_LEN, RS_LEN * 2));
		try {
			return StandardDSAEncoding.INSTANCE.encode(SM2_DOMAIN_PARAMS.getN(), r, s);
		} catch (final IOException e) {
			throw new IORuntimeException(e);
		}
	}

	/**
	 * 创建HmacSM3算法的{@link MacEngine}
	 *
	 * @param key 密钥
	 * @return {@link MacEngine}
	 * @since 4.5.13
	 */
	public static MacEngine createHmacSm3Engine(final byte[] key) {
		return new BCHMacEngine(new SM3Digest(), key);
	}

	/**
	 * HmacSM3算法实现
	 *
	 * @param key 密钥
	 * @return {@link HMac} 对象,调用digestXXX即可
	 * @since 4.5.13
	 */
	public static HMac hmacSm3(final byte[] key) {
		return new HMac(HmacAlgorithm.HmacSM3, key);
	}

	// -------------------------------------------------------------------------------------------------------- Private method start

	/**
	 * BigInteger转固定长度bytes
	 *
	 * @param rOrS {@link BigInteger}
	 * @return 固定长度bytes
	 * @since 4.5.0
	 */
	private static byte[] toFixedLengthBytes(final BigInteger rOrS) {
		// for sm2p256v1, n is 00fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123,
		// r and s are the result of mod n, so they should be less than n and have length<=32
		final byte[] rs = rOrS.toByteArray();
		if (rs.length == RS_LEN) {
			return rs;
		} else if (rs.length == RS_LEN + 1 && rs[0] == 0) {
			return Arrays.copyOfRange(rs, 1, RS_LEN + 1);
		} else if (rs.length < RS_LEN) {
			final byte[] result = new byte[RS_LEN];
			Arrays.fill(result, (byte) 0);
			System.arraycopy(rs, 0, result, RS_LEN - rs.length, rs.length);
			return result;
		} else {
			throw new CryptoException("Error rs: {}", Hex.toHexString(rs));
		}
	}
	// -------------------------------------------------------------------------------------------------------- Private method end
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy