热门标签
热门文章
- 1【leetcode】栈、队列相关题目思路总结(更新中)
- 2Unity中的SendMessage使用 (发送消息与接收消息)_uni.sendmessagetowindow
- 3python之GPT怎么搭建_如何训练一个gpt模型
- 4【C++·Qt】VS+Qt开发环境搭建以及注意事项_vs qt
- 5算法5·贪婪算法(旅行商问题)_贪心算法的算法matlab旅行商问题
- 6RK3288/3399 Android Root方法_rk3288系统删除adb root
- 7用Matplotlib在PyQt5界面绘制动态曲线、柱形、二维、三维图(上)_pyqt5实时曲线绘制
- 8前端基础(一)—— ES6_生旦净末灰
- 9Elasticsearch在Linux中的单节点部署和集群部署_elasticsearch单节点配置
- 10[Unity] GPU动画实现(三)——材质合并
当前位置: article > 正文
SM3WithSM2摘要的SM2签名验签
作者:笔触狂放9 | 2024-02-20 03:26:36
赞
踩
sm3withsm2
这个代码有可能不符合国标。。。
- #include <stdio.h>
- #include <string.h>
- #include <openssl/ssl.h>
- #include <openssl/err.h>
- #include <openssl/pem.h>
- #include <openssl/conf.h>
- #include <openssl/x509v3.h>
-
- #include <openssl/bn.h>
- #include <openssl/crypto.h>
- #include <openssl/evp.h>
- #include <openssl/ecdsa.h>
- #include <openssl/sha.h>
- #include <openssl/asn1.h>
- #include <openssl/x509.h>
- #include <openssl/objects.h>
- #include <openssl/buffer.h>
- #include <openssl/sm2.h>
-
- int hashForSM3(unsigned char* clearText, int clearTextLen, unsigned char* sm3Data){
- int ret = -1;
- //初始化摘要结构体
- EVP_MD_CTX *mdctx = EVP_MD_CTX_create();
- if(!mdctx)
- return -1;
- EVP_MD_CTX_init(mdctx);
-
- //设置摘要算法和密码算法引擎
- if(!EVP_DigestInit_ex(mdctx, EVP_sm3(), NULL))
- goto ERR;
-
- //输入原文clearText
- if(!EVP_DigestUpdate(mdctx,clearText, clearTextLen))
- goto ERR;
-
- //输出摘要值,外部判断ret是否为32作为成功条件
- if(!EVP_DigestFinal(mdctx, sm3Data, (unsigned int*)&ret))
- goto ERR;
- ERR:
- EVP_MD_CTX_destroy(mdctx);
- return ret;
- }
-
- int hashForSM3WithSM2(unsigned char* clearText, int clearTextLen, unsigned char* puk, int pukLen, unsigned char* sm3Data){
- //以下为国密标准推荐参数,id="1234567812345678",长度是128bit则0x0080
- unsigned char sm2_par_dig[210] = {//idlen[2]+id[16]+parm[128]+puk[64]
- 0x00,0x80,
- 0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,
- 0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
- 0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFC,
- 0x28,0xE9,0xFA,0x9E,0x9D,0x9F,0x5E,0x34,0x4D,0x5A,0x9E,0x4B,0xCF,0x65,0x09,0xA7,
- 0xF3,0x97,0x89,0xF5,0x15,0xAB,0x8F,0x92,0xDD,0xBC,0xBD,0x41,0x4D,0x94,0x0E,0x93,
- 0x32,0xC4,0xAE,0x2C,0x1F,0x19,0x81,0x19,0x5F,0x99,0x04,0x46,0x6A,0x39,0xC9,0x94,
- 0x8F,0xE3,0x0B,0xBF,0xF2,0x66,0x0B,0xE1,0x71,0x5A,0x45,0x89,0x33,0x4C,0x74,0xC7,
- 0xBC,0x37,0x36,0xA2,0xF4,0xF6,0x77,0x9C,0x59,0xBD,0xCE,0xE3,0x6B,0x69,0x21,0x53,
- 0xD0,0xA9,0x87,0x7C,0xC6,0x2A,0x47,0x40,0x02,0xDF,0x32,0xE5,0x21,0x39,0xF0,0xA0,
- };
- //对应规范pdf中的章节8.1
- memcpy(sm2_par_dig + 2 + 16 + 128, puk, pukLen);
- unsigned char* sm3_e = (unsigned char*)malloc(32 + clearTextLen);
- if(32 != hashForSM3(sm2_par_dig, 210, sm3_e)){
- free(sm3_e);
- return -1;
- }
- //对应规范pdf中的章节8.2
- memcpy(sm3_e + 32, clearText, clearTextLen);
- if(32 != hashForSM3(sm3_e, 32 + clearTextLen, sm3Data)){
- free(sm3_e);
- return -1;
- }
- free(sm3_e);
- return 0;
- }
-
- int main(){
- int i = 0;
- BIO *bio_pri = NULL;
- BIO *bio_puk = NULL;
- EVP_PKEY *pkey_pri = NULL;
- EC_KEY *prikey = NULL;
- EVP_PKEY *pkey_puk = NULL;
- EC_KEY *pubkey = NULL;
- X509 *cert = NULL;
- unsigned char* puk = NULL;
- int pukLen = 0;
- unsigned char* clearText = (unsigned char*)"1234567890123456";
- int clearTextLen = strlen((char*)clearText);
- unsigned char sm3Data[32] = {0};
- int sm3DataLen = 0;
- unsigned char out[1024] = {0};
- int outLen = 0;
-
- ///公钥相关结构
- //bio_puk = BIO_new_file("server_cert.der", "r");
- bio_puk = BIO_new_file("server_cert.pem", "r");
- if (!bio_puk) goto ERR;
-
- //cert = d2i_X509_bio(bio_puk, NULL);
- cert = PEM_read_bio_X509(bio_puk, NULL, NULL, NULL);
- if (!cert) goto ERR;
-
- pkey_puk = X509_get_pubkey(cert);
- if (!pkey_puk) goto ERR;
-
- pubkey = EVP_PKEY_get0_EC_KEY(pkey_puk);//don't free
- if (!pubkey) goto ERR;
- //要去除04标识
- pukLen = i2d_PublicKey(pkey_puk,(unsigned char**)&puk) - 1;
- if (!puk) goto ERR;
- ///私钥相关结构
- bio_pri = BIO_new_file("server_private.key", "r");
- if (!bio_pri) goto ERR;
- pkey_pri = PEM_read_bio_PrivateKey(bio_pri, NULL, NULL, NULL);
- if (!pkey_pri) goto ERR;
- prikey = EVP_PKEY_get0_EC_KEY(pkey_pri);//don't free
- if (!prikey) goto ERR;
-
- ///sm3 sm2 sign/verify
- if(hashForSM3WithSM2(clearText, clearTextLen, puk, pukLen, sm3Data))
- goto ERR;
-
- if (!SM2_sign(NID_undef, sm3Data, sm3DataLen, out, (unsigned int*)&outLen, prikey))
- goto ERR;
-
- printf("out[%d]:\n", outLen);
- for (int i = 0; i != outLen; i++) {
- printf("%02x ", *(out + i));
- if ((i != 0 && (i + 1) % 16 == 0) || i == outLen - 1) {
- printf("\n");
- }
- }
- printf("\n");
- FILE *fp_w = fopen("server_16.sig", "wb");
- for(int i=0; i < outLen; i++)
- {
- fwrite(((unsigned char*)(out+i)), 1, 1, fp_w);
- }
- fclose(fp_w);
-
- FILE *fp_r = fopen("server_16.sig", "rb");
- size_t slen = 0;
- fseek(fp_r, 0, SEEK_SET);
- int nRet;
- for(int i=0; ; i++)
- {
- nRet=fread(&(out[i]), 1, 1, fp_r);
- if(1 != nRet)
- {
- break;
- }
- printf("%02x ",out[i]);
- slen++;
- }
- fclose(fp_r);
-
- if (1 != SM2_verify(NID_undef, sm3Data, sm3DataLen, out, outLen, pubkey))
- goto ERR;
-
- printf("verify success\n");
- ERR:
- if(puk) OPENSSL_free(puk);
- if(bio_pri) BIO_free_all(bio_pri);
- if(bio_puk) BIO_free_all(bio_puk);
- if(pkey_pri) EVP_PKEY_free(pkey_pri);
- if(pkey_puk) EVP_PKEY_free(pkey_puk);
- if(cert) X509_free(cert);
- return 0;
- }
参考:
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/笔触狂放9/article/detail/118167
推荐阅读
相关标签
