openssl sm2 国密算法_openssl中实现sm2

作者：羊村懒王 | 2024-04-08 21:38:55

踩

openssl中实现sm2

sm2算法演示

获取曲线参数
生成秘钥对
自定义userid
加密解密
签名验签
输出公私钥对


#include <openssl/evp.h>
#include <string.h>
#include <openssl/ec.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
#include <iostream>
#include <stdlib.h>
void sm2test() {
	//直接创建一个group会导致i2d方法错误，原因是没有group name,可能需要调用EC_GROUP_set_curve_name()
	//EC_GROUP* gm_group = create_EC_group(
	//	"fffffffeffffffffffffffffffffffffffffffff00000000ffffffffffffffff",
	//	"fffffffeffffffffffffffffffffffffffffffff00000000fffffffffffffffc",
	//	"28e9fa9e9d9f5e344d5a9e4bcf6509a7f39789f515ab8f92ddbcbd414d940e93",
	//	"32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7",
	//	"bc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0",
	//	"fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123",
	//	"1");
	EC_KEY* key = EC_KEY_new();
	EC_GROUP* gm_group = EC_GROUP_new_by_curve_name(NID_sm2);
	
	int ret = EC_KEY_set_group(key, gm_group);

	using namespace std;
	if (!ret) {
		cout << "set group error" << endl;
		return;
	}
	//生成秘钥对
	ret = EC_KEY_generate_key(key);
	if (!ret) {
		cout << "EC_KEY_generate_key error" << endl;
		return;
	}
	const BIGNUM* pri = EC_KEY_get0_private_key(key);

	const EC_POINT* point = EC_KEY_get0_public_key(key);


	EVP_PKEY* pkey = EVP_PKEY_new();
	ret = EVP_PKEY_set1_EC_KEY(pkey, key);

	if (!ret) {
		cout << "EVP_PKEY_set1_EC_KEY error" << endl;
		return;
	}
	//如果使用create_EC_group，这里需要替换成国密算法
	//ret = EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2);
	//if (!ret) {
	//	cout << "EVP_PKEY_set_alias_type error" << endl;
	//	return;
	//}

	EVP_PKEY_CTX* pkeyCtx = EVP_PKEY_CTX_new(pkey, NULL);
	//设置SM2的id,idlen
	const char* id = "adgdfdfdfdfd";
	EVP_PKEY_CTX_set1_id(pkeyCtx, id, strlen(id));


	EVP_PKEY_encrypt_init(pkeyCtx);
	const  char* data = "hello";

	unsigned char* out = (unsigned char*)malloc(strlen(data) + 96);
	size_t  outlen = strlen(data) + 96; //如果输入数据传空，返回需要的密文空间大小，
	ret = EVP_PKEY_encrypt(pkeyCtx, out, &outlen, (const unsigned char*)data, strlen(data));
	if (!ret) {
		cout << "EVP_PKEY_encrypt error" << endl;
		return;
	}
	EVP_PKEY_decrypt_init(pkeyCtx);
	unsigned char debuf[10] = { 0 };
	size_t dlen = 10;
	EVP_PKEY_decrypt(pkeyCtx, debuf, &dlen, out, outlen);
	debuf[dlen] = '\0';
	printf("%s\n", debuf);

	//可以加密可以解密

	EVP_PKEY_sign_init(pkeyCtx);
	const  char* tbs = "hello";
	size_t signlen;

	ret = EVP_PKEY_sign(pkeyCtx, NULL, &signlen, (const unsigned char*)tbs, (size_t)strlen((const char*)tbs));

	if (!ret) {
		cout << "EVP_PKEY_sign error" << endl;
		return;
	}
	string str(signlen, '\0');

	//可以签名验签
	ret = EVP_PKEY_sign(pkeyCtx, (unsigned char*)str.data(), &signlen, (const unsigned char*)tbs, (size_t)strlen((const char*)tbs));
	if (!ret) {
		cout << "EVP_PKEY_sign error" << endl;
		return;
	}
	EVP_PKEY_verify_init(pkeyCtx);
	ret = EVP_PKEY_verify(pkeyCtx, (unsigned char*)str.data(), signlen, (const unsigned char*)tbs, (size_t)strlen((const char*)tbs));
	if (!ret) {
		cout << "EVP_PKEY_verify error" << endl;
		return;
	}

	ret = PEM_write_ECPrivateKey(stdout, key, NULL, NULL, 0, NULL, NULL);
	if (!ret) {
		cout << "PEM_write_ECPrivateKey error" << endl;
		return;
	}
	ret = PEM_write_EC_PUBKEY(stdout, key);
	if (!ret) {
		cout << "PEM_write_EC_PUBKEY error" << endl;
		return;
	}
	//unsigned char* der = (unsigned char*)malloc(2048);
	//int derlen=i2d_EC_PUBKEY(key, &der);
	//if (derlen > 0) {
	//	cout << derlen << endl;
	//}
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120

声明：本文内容由网友自发贡献，不代表【wpsshop博客】立场，版权归原作者所有，本站不承担相应法律责任。如您发现有侵权的内容，请联系我们。转载请注明出处：https://www.wpsshop.cn/w/羊村懒王/article/detail/388375