热门标签
热门文章
- 1iPhone 16 还剩一个月,微软开源新技术让手机以 6 倍速度提前跑上大模型
- 2使用Anthropic模型进行图像推理的多模态LLM_anthropic库 多模态调用
- 3未设置Strict-Transport-Security响应头【原理扫描】
- 4Android 10.0 通过广播切换APN-在Settings中加入_android10 添加apn
- 5MySQL - Row size too large (> 8126). Changing some columns to TEXT or BLOB_row size too large (> 8126)
- 6时序数据预处理
- 7Git怎么把不用提交的IDE等配置文件忽略?_如何隐藏配置文件不提交
- 8Linux系统中wget命令用法详解_linux wget
- 9可视化大屏:如何get到领导心目中的“科技感”?
- 10Merge the incoming changes into the current branch和Rebase the current branch on top of the incoming_rebase the current branch on top of incoming chang
当前位置: article > 正文
GMT0009 SM2密钥算法使用规范以及密钥对保护数据解析
作者:秋刀鱼在做梦 | 2024-08-18 17:25:14
赞
踩
gmt0009
密钥对保护数据格式
在SM2密钥对传递时,需要对SM2密钥对进行加密保护,即数字信封,具体的保护方法为:
- 产生一个对称密钥
- 按对称密码算法标识指定的算法对SM2私钥进行加密,得到私钥的密文,若对称算法为分组算法,则其运算模式为ECB
- 使用外部SM2公钥加密对称密钥得到对称密钥密文
- 将私钥密文、对称密钥密文封装得到密钥对保护数据中
SM2密钥对的保护数据格式的ASN.1定义为:
对称密钥算法标识
AlgorithmIdentifier也是一个sequence 规范可在RFC5280中查看
SM2对称密文加密数据格式
SM2 算法加密后的数据格式的ASN.1定义为:
SM2公钥
SM2私钥密文
SM2私钥密文即是由对称密钥SM4进行加密的密文,密文长度是16的倍数
java 解析密钥对保护数据
// 结构拆解 ASN1Sequence env = (ASN1Sequence) ASN1Object.fromByteArray(envelope); // 1. 算法标识 DEREncodable obj0 = env.getObjectAt(0); if (!(obj0 instanceof DERSequence)) throw new Exception("format is invaild, obj(0) is not sequence"); DEREncodable obj0_0 = ((DERSequence) obj0).getObjectAt(0); if (!(obj0_0 instanceof DERObjectIdentifier)) throw new Exception("format is invaild, obj(0).(0) is not object identifier"); // 2. 对称密钥密文 DEREncodable obj1 = env.getObjectAt(1); if (!(obj1 instanceof DERSequence)) throw new Exception("format is invaild, obj(1) is not sequence"); DEREncodable obj1_0 = ((DERSequence) obj1).getObjectAt(0); if (!(obj1_0 instanceof DERInteger)) throw new Exception("format is invaild, obj(1).(0) is not integer"); DEREncodable obj1_1 = ((DERSequence) obj1).getObjectAt(1); if (!(obj1_1 instanceof DERInteger)) throw new Exception("format is invaild, obj(1).(1) is not integer"); DEREncodable obj1_2 = ((DERSequence) obj1).getObjectAt(2); if (!(obj1_2 instanceof DEROctetString)) throw new Exception("format is invaild, obj(1).(2) is not octect string"); DEREncodable obj1_3 = ((DERSequence) obj1).getObjectAt(3); if (!(obj1_3 instanceof DEROctetString)) throw new Exception("format is invaild, obj(1).(3) is not octect string"); // SM2 公钥 DEREncodable obj2 = env.getObjectAt(2); if (!(obj2 instanceof DERBitString)) throw new Exception("format is invaild, obj(2) is not bit string"); // SM2私钥密文 DEREncodable obj3 = env.getObjectAt(3); if (!(obj3 instanceof DERBitString)) throw new Exception("format is invaild, obj(3) is not bit string");
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/秋刀鱼在做梦/article/detail/998391
推荐阅读
相关标签
