首页 > 其他分享 > OpenSSL-SM2

OpenSSL-SM2

时间:2023-06-01 22:22:36浏览次数:33  
标签:PKEY include CTX OpenSSL SM2 key EVP NULL

任务详情

  1. 在openEuler(推荐)或Ubuntu或Windows(不推荐)中完成下面任务
  2. 编译运行https://github.com/greendow/SM2-signature-creation-and-verification 中的代码,提交运行结果与截图,(7‘)
  3. 编译运行https://github.com/greendow/SM2-encrypt-and-decrypt 中的代码提交运行结果与截图(8’)
  4. 用OpenSSL EVP函数完成上述签名验签和加密解密两个功能,提交代码和运行结果截图。(15‘)

一、SM2-signature-creation-and-verification
编译

gcc -o sm2_sign *.c -I. -lcrypto

运行

二、SM2-encrypt-and-decrypt
编译

gcc -o mysm2 *.c -I. -lcrypto

运行

三、OpenSSL EVP函数

sm2_enc_dec.c

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/ec.h>
#include <openssl/evp.h>

int main(void) {
	int ret = -1, i;
	EVP_PKEY_CTX *pctx = NULL, *ectx = NULL;
	EVP_PKEY *pkey = NULL;
	unsigned char message[16] = "2020133120201331";//{ 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7,0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF };
	size_t message_len = sizeof(message);
	unsigned char *ciphertext = NULL, *plaintext = NULL;
	size_t ciphertext_len, plaintext_len;
	EC_KEY *key_pair = NULL;
	const BIGNUM *priv_key = NULL;
	char *priv_key_str = NULL;

	const EC_GROUP *group = NULL;
	const EC_POINT *pub_key = NULL;
	BN_CTX *ctx = NULL;
	BIGNUM *x_coordinate = NULL, *y_coordinate = NULL;
	char *x_coordinate_str = NULL, *y_coordinate_str = NULL;

	/* create SM2 Ellipse Curve parameters and key pair */
	if ( !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_paramgen_init(pctx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)) <= 0 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_keygen_init(pctx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_keygen(pctx, &pkey)) != 1 ) {
		goto clean_up;
	}

	/* print SM2 key pair */
	if ( !(key_pair = EVP_PKEY_get0_EC_KEY(pkey)) ) {
		goto clean_up;
	}

	if ( !(priv_key = EC_KEY_get0_private_key(key_pair)) ) {
		goto clean_up;
	}

	if ( !(priv_key_str = BN_bn2hex(priv_key)) ) {
		goto clean_up;
	}
	printf("SM2 private key (in hex form):\n");
	printf("%s\n\n", priv_key_str);

	if ( !(pub_key = EC_KEY_get0_public_key(key_pair)) ) {
		goto clean_up;
	}

	if ( !(group = EC_KEY_get0_group(key_pair)) ) {
		goto clean_up;
	}

	if ( !(ctx = BN_CTX_new()) ) {
		goto clean_up;
	}
	BN_CTX_start(ctx);
	x_coordinate = BN_CTX_get(ctx);
	y_coordinate = BN_CTX_get(ctx);
	if ( !(y_coordinate) ) {
		goto clean_up;
	}
	if ( !(EC_POINT_get_affine_coordinates(group, pub_key, x_coordinate, y_coordinate, ctx)) ) {
		goto clean_up;
	}
	if ( !(x_coordinate_str = BN_bn2hex(x_coordinate)) ) {
		goto clean_up;
	}
	printf("x coordinate in SM2 public key (in hex form):\n");
	printf("%s\n\n", x_coordinate_str);

	if ( !(y_coordinate_str = BN_bn2hex(y_coordinate)) ) {
		goto clean_up;
	}
	printf("y coordinate in SM2 public key (in hex form):\n");
	printf("%s\n\n", y_coordinate_str);

	/* compute SM2 encryption */
	if ( (EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)) != 1 ) {
		goto clean_up;
	}

	if ( !(ectx = EVP_PKEY_CTX_new(pkey, NULL)) ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_encrypt_init(ectx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_encrypt(ectx, NULL, &ciphertext_len, message, message_len)) != 1 ) {
		goto clean_up;
	}

	if ( !(ciphertext = (unsigned char *)malloc(ciphertext_len)) ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_encrypt(ectx, ciphertext, &ciphertext_len, message, message_len)) != 1 ) {
		goto clean_up;
	}

	printf("Message length: %ld bytes.\n", message_len);
	printf("Message:\n");
	for (i = 0; i < (int)message_len; i++) {
		printf("0x%x  ", message[i]);
	}
	printf("\n\n");

	printf("Ciphertext length: %ld bytes.\n", ciphertext_len);
	printf("Ciphertext (ASN.1 encode):\n");
	for (i = 0; i < (int)ciphertext_len; i++) {
		printf("0x%x  ", ciphertext[i]);
	}
	printf("\n\n");

	/* compute SM2 decryption */
	if ( (EVP_PKEY_decrypt_init(ectx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_decrypt(ectx, NULL, &plaintext_len, ciphertext, ciphertext_len)) != 1 ) {
		goto clean_up;
	}

	if ( !(plaintext = (unsigned char *)malloc(plaintext_len)) ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_decrypt(ectx, plaintext, &plaintext_len, ciphertext, ciphertext_len)) != 1 ) {
		goto clean_up;
	}

	printf("Decrypted plaintext length: %ld bytes.\n", plaintext_len);
	printf("Decrypted plaintext:\n");
	for (i = 0; i < (int)plaintext_len; i++) {
		printf("0x%x  ", plaintext[i]);
	}
	printf("\n\n");

	if ( plaintext_len != message_len ) {
		printf("Decrypted data length error!\n");
		goto clean_up;
	}

	if ( memcmp(plaintext, message, message_len) ) {
		printf("Decrypt data failed!\n");
		goto clean_up;
	} else {
		printf("Encrypt and decrypt data succeeded!\n");
	}

	ret = 0;
clean_up:
	if (pctx) {
		EVP_PKEY_CTX_free(pctx);
	}

	if (pkey) {
		EVP_PKEY_free(pkey);
	}

	if (priv_key_str) {
		OPENSSL_free(priv_key_str);
	}

	if (ctx) {
		BN_CTX_end(ctx);
		BN_CTX_free(ctx);
	}

	if (x_coordinate_str) {
		OPENSSL_free(x_coordinate_str);
	}

	if (y_coordinate_str) {
		OPENSSL_free(y_coordinate_str);
	}

	if (ectx) {
		EVP_PKEY_CTX_free(ectx);
	}

	if (ciphertext) {
		free(ciphertext);
	}

	if (plaintext) {
		free(plaintext);
	}

	return 0;
}

运行结果

sm2_sign.c

#include <stdio.h>
#include <stdlib.h>
#include <openssl/ec.h>
#include <openssl/evp.h>

int main(void) {
	int ret = -1, i;
	EVP_PKEY_CTX* pctx = NULL, * sctx = NULL;
	EVP_PKEY* pkey = NULL;
	EVP_MD_CTX* md_ctx = NULL, * md_ctx_verify = NULL;
	unsigned char message[16] = "2020133120201331"; //{ 0x0, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x9, 0xA, 0xB, 0xC, 0xD, 0xE, 0xF };
	size_t message_len = sizeof(message);
	unsigned char* sig = NULL;
	size_t sig_len;
	unsigned char sm2_id[] = { 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
	                           0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38
	                         };
	unsigned int sm2_id_len = sizeof(sm2_id);
	EC_KEY* key_pair = NULL;
	const BIGNUM* priv_key = NULL;
	char* priv_key_str = NULL;

	const EC_GROUP* group = NULL;
	const EC_POINT* pub_key = NULL;
	BN_CTX* ctx = NULL;
	BIGNUM* x_coordinate = NULL, * y_coordinate = NULL;
	char* x_coordinate_str = NULL, * y_coordinate_str = NULL;

	/* create SM2 Ellipse Curve parameters and key pair */
	if ( !(pctx = EVP_PKEY_CTX_new_id(EVP_PKEY_EC, NULL)) ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_paramgen_init(pctx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_sm2)) <= 0 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_keygen_init(pctx)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_PKEY_keygen(pctx, &pkey)) != 1 ) {
		goto clean_up;
	}

	/* print SM2 key pair */
	if ( !(key_pair = EVP_PKEY_get0_EC_KEY(pkey)) ) {
		goto clean_up;
	}

	if ( !(priv_key = EC_KEY_get0_private_key(key_pair)) ) {
		goto clean_up;
	}

	if ( !(priv_key_str = BN_bn2hex(priv_key)) ) {
		goto clean_up;
	}
	printf("SM2 private key (in hex form):\n");
	printf("%s\n\n", priv_key_str);

	if ( !(pub_key = EC_KEY_get0_public_key(key_pair)) ) {
		goto clean_up;
	}

	if ( !(group = EC_KEY_get0_group(key_pair)) ) {
		goto clean_up;
	}

	if ( !(ctx = BN_CTX_new()) ) {
		goto clean_up;
	}
	BN_CTX_start(ctx);
	x_coordinate = BN_CTX_get(ctx);
	y_coordinate = BN_CTX_get(ctx);
	if ( !(y_coordinate) ) {
		goto clean_up;
	}
	if ( !(EC_POINT_get_affine_coordinates(group, pub_key, x_coordinate, y_coordinate, ctx)) ) {
		goto clean_up;
	}
	if ( !(x_coordinate_str = BN_bn2hex(x_coordinate)) ) {
		goto clean_up;
	}
	printf("x coordinate in SM2 public key (in hex form):\n");
	printf("%s\n\n", x_coordinate_str);

	if ( !(y_coordinate_str = BN_bn2hex(y_coordinate)) ) {
		goto clean_up;
	}
	printf("y coordinate in SM2 public key (in hex form):\n");
	printf("%s\n\n", y_coordinate_str);

	/* compute SM2 signature */
	if ( (EVP_PKEY_set_alias_type(pkey, EVP_PKEY_SM2)) != 1 ) {
		goto clean_up;
	}

	if ( !(md_ctx = EVP_MD_CTX_new()) ) {
		goto clean_up;
	}

	if ( !(sctx = EVP_PKEY_CTX_new(pkey, NULL)) ) {
		goto clean_up;
	}

	if ( EVP_PKEY_CTX_set1_id(sctx, sm2_id, sm2_id_len) <= 0 ) {
		goto clean_up;
	}

	EVP_MD_CTX_set_pkey_ctx(md_ctx, sctx);

	if ( (EVP_DigestSignInit(md_ctx, NULL, EVP_sm3(), NULL, pkey)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_DigestSignUpdate(md_ctx, message, message_len)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_DigestSignFinal(md_ctx, NULL, &sig_len)) != 1 ) {
		goto clean_up;
	}

	if ( !(sig = (unsigned char*)malloc(sig_len)) ) {
		goto clean_up;
	}

	if ( (EVP_DigestSignFinal(md_ctx, sig, &sig_len)) != 1 ) {
		goto clean_up;
	}

	printf("Message length: %ld bytes.\n", message_len);
	printf("Message:\n");
	for (i = 0; i < (int)message_len; i++) {
		printf("0x%x  ", message[i]);
	}
	printf("\n\n");

	printf("SM2 signature length: %ld bytes.\n", sig_len);
	printf("SM2 signature (ASN.1 encode):\n");
	for (i = 0; i < (int)sig_len; i++) {
		printf("0x%x  ", sig[i]);
	}
	printf("\n\n");

	/* verify SM2 signature */
	if ( !(md_ctx_verify = EVP_MD_CTX_new()) ) {
		goto clean_up;
	}

	EVP_MD_CTX_set_pkey_ctx(md_ctx_verify, sctx);

	if ( (EVP_DigestVerifyInit(md_ctx_verify, NULL, EVP_sm3(), NULL, pkey)) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_DigestVerifyUpdate(md_ctx_verify, message, sizeof(message))) != 1 ) {
		goto clean_up;
	}

	if ( (EVP_DigestVerifyFinal(md_ctx_verify, sig, sig_len)) != 1 ) {
		printf("Verify SM2 signature failed!\n");
		goto clean_up;
	} else {
		printf("Verify SM2 signature succeeded!\n");
	}

	ret = 0;
clean_up:
	if (pctx) {
		EVP_PKEY_CTX_free(pctx);
	}

	if (pkey) {
		EVP_PKEY_free(pkey);
	}

	if (priv_key_str) {
		OPENSSL_free(priv_key_str);
	}

	if (ctx) {
		BN_CTX_end(ctx);
		BN_CTX_free(ctx);
	}

	if (x_coordinate_str) {
		OPENSSL_free(x_coordinate_str);
	}

	if (y_coordinate_str) {
		OPENSSL_free(y_coordinate_str);
	}

	if (md_ctx) {
		EVP_MD_CTX_free(md_ctx);
	}

	if (sctx) {
		EVP_PKEY_CTX_free(sctx);
	}

	if (sig) {
		free(sig);
	}

	if (md_ctx_verify) {
		EVP_MD_CTX_free(md_ctx_verify);
	}
	return 0;
}

运行结果

标签:PKEY,include,CTX,OpenSSL,SM2,key,EVP,NULL
From: https://www.cnblogs.com/killerqueen4/p/17450411.html

相关文章

  • SM2259XT2+IM3D固件下载,DIY+简单测试SM2259XT2+384G B0KB的固态
    SM2259XT2固件下载,DIY+简单测试SM2259XT2+384GB0KB的固态。这是本次要出场的固态U盘:刚好找到一个美光的B0KB,单颗384GB,想起来之前买了几百片59XT2的U盘板子,刚好这个东西支持,贴上去试试。从量产部落下载了SM2259XT2开卡工具,上电读一下ID,ID齐全,直接自动识别开卡。一把过,颗粒原来在一......
  • error: RPC failed; curl 55 OpenSSL SSL_write: Connection was aborted, errno 1005
    git初始化上传本地代码到远程出现异常造成的可能原因:1.网络原因2.无效的代理3.一次性推送的代码量过大 解决方法:1.网络原因可以等一段时间网络良好的情况上传2.无效代理的情况如下设置gitconfighttp.sslVerify"false"3.一次性推送代码量过大的情况如下设置,更改推......
  • git指令连接库失败:OpenSSL SSL_read: Connection was reset, errno 10054
    一、问题描述无论是gitclone还是gitpush之类的需要连接库的指令都会出现`fatal:unabletoaccess'http://github.com/我的库/':OpenSSLSSL_read:Connectionwasreset,errno10054`报错原因:字面意思:服务器的SSL证书灭有经过第三方机构的签署。网上信息也有的说可能......
  • python 问题修复ImportError: urllib3 v2.0 only supports OpenSSL 1.1.1+
    目录python问题修复ImportError:urllib3v2.0onlysupportsOpenSSL1.1.1+升级openssl版本降低urllib版本python问题修复ImportError:urllib3v2.0onlysupportsOpenSSL1.1.1+这个问题时python版本安装的urllib3版本过高,而openssl版本太低导致的解决无非两种方法,降低......
  • SM2前后端交互加解密(已联调测通)
    准备工作:后端(jar包)、前端(js文件)阿里云盘:所需文件:https://www.aliyundrive.com/s/wmYT1TMx4az  1.后端java代码SM2工具类:importcom.antherd.smcrypto.sm2.Keypair;importcom.antherd.smcrypto.sm2.Sm2;importio.netty.util.internal.StringUtil;publicclassSM......
  • 从零玩转前后端加解密之SM2-sm2
    title:从零玩转前后端加解密之SM2date:2022-08-2119:42:00.907updated:2023-03-3013:28:48.866url:https://www.yby6.com/archives/sm2categories:-加密算法-从零玩转系列tags:-加密算法-sm2前言SM2是国家密码管理局于2010年12月17日发布的椭圆曲线公钥密......
  • OpenSSL安装指南
    #一、查看主机openssl版本信息#1、查看路径whichopenssl#2、查看版本opensslversion#二、安装Openssl#方法一、直接安装yuminstallopensslopenssl-devel#方法二、下载源码编译安装#访问0penSSL官网资源,查看是否有最新的版本发布#宫网资源地址:https://www.openssl.org/so......
  • cmake 编译提示找不到openssl的解决办法
    最后通过export 设置环境变量解决问题。exportOPENSSL_ROOT_DIR=/usr/local/opensslexportOPENSSL_LIBRARIES=/usr/local/openssl/lib参考链接:https://blog.csdn.net/davidullua/article/details/126717060......
  • 解决Qt6.5 for Android应用程序(地图应用程序)不支持OpenSSL问题
    1.问题原因:版本问题ssl_3:usedforQt6.5.0+.ssl_1_1:forQtQt5.12.5+,5.13.1+,5.14.0+,5.15.0+,Qt6.x.xupto6.4.x2.解决方法在此网址https://github.com/KDAB/android_openssl,下载预编译库android_openssl-master.zip,并按照说明使用。 参考地址:0.Addi......
  • 罗克韦尔Modbus-RTU通讯程序 硬件配置:1769-SM2 软件版本:Studi
    罗克韦尔Modbus-RTU通讯程序硬件配置:1769-SM2软件版本:Studio5000V32实现以下功能:RS485通讯MODBUS-RTU模式1:读取从站数据2:写入从站数据3:查看从站通讯成功失败状态4:查看从站通讯错误故障代码5:查看单周期和全周期时间单个端口支持32站点,3端口96站点。支持并发3端口最大512点......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99