SM加密笔记

SM加密笔记

SM简介

SM1: 该算法不公开,仅以 IP 核的形式 存在于芯片中。

SM2:椭圆曲线公钥密码算法。

SM3:HASH算法,据国家密码管理局表示,其安全性及效率与SHA-256相当。

SM4: 分组密码算法,

SM加密实例

1
2
https://e.aibank.com/index.html#/loginpre/OnlineServiceLogin
https://e.aibank.com/htmls/OnlineServices/OnlineServiceLogin.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
function SM2Encrypt(a, b) {
    var c = new SM2Cipher(0);
    return a = c.str2Bytes(a.toString()),
    c.Encrypt(b, a).toUpperCase()
}
function SM3Encrypt(a) {
    var b = new SM3Digest;
    b.BlockUpdate(stringToByte(a), 0, stringToByte(a).length);
    var c = new Array(32);
    return b.DoFinal(c, 0),
    bin2hex(c).toUpperCase()
}

function packageEncrypt(a, b) {
    if ("" == a)
        return "";
    "" == tempSM4Key && (tempSM4Key = RndNum(32));
    var c = hex2b64(SM4.encode({
        input: a,
        key: tempSM4Key
    }));
    return hex2b64(SM2Encrypt(tempSM4Key, b)) + "|" + c + "|" + hex2b64(SM3Encrypt(a))
}

image-20220419163822026

1
2
3
4
5
6
7
8
9

SM2Encrypt(tempSM4Key, b)
'32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A02C7A25FB8D8DBD819C1B2494B755522B7CE797489070293899C6B7F30AD1B6811D94A432C395E680FF3CA0AA23D13BAF'

tempSM4Key
'42778414458168935259260682648582'

b
'dedac887bb79feab24ce21ae6b112feeb7f3160e54c60df59d19de85361b3eaeecc92b773bf9b87d40d4c8afbd61c6753b6aa333665f6ce30fcad71e99206751'
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
from gmssl import sm2, sm3, func
from gmssl.sm4 import CryptSM4, SM4_ENCRYPT, SM4_DECRYPT
import base64
import binascii

# sm3
print(sm3.sm3_hash(func.bytes_to_list(b"{}")))
print(base64.b64decode('8agjqqqv5A4RPH8E3XLCifr4YlLEqbV88dPJ4SVH+a0='))

# sm2
private_key = ''
public_key = 'dedac887bb79feab24ce21ae6b112feeb7f3160e54c60df59d19de85361b3eaeecc92b773bf9b87d40d4c8afbd61c6753b6aa333665f6ce30fcad71e99206751'
sm2_crypt = sm2.CryptSM2(public_key=public_key, private_key=private_key)
data = b"42778414458168935259260682648582"
enc_data = sm2_crypt.encrypt(data)
print(binascii.hexlify(enc_data))

#sm4
key = binascii.unhexlify('82688402386581586135652995135805')
value = b'{}'
crypt_sm4 = CryptSM4()
crypt_sm4.set_key(key, SM4_ENCRYPT)
encrypt_value = crypt_sm4.crypt_ecb( value)
print(base64.b64encode(encrypt_value))

image-20220419171905610