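/// <summary>
/// Signs <paramref name="sourceData"/> with an SM2 private key.
/// The digest that is signed is SM3(Z || sourceData), where Z is the value
/// returned by Sm2GetZ for USER_ID and the public point derived from the key.
/// </summary>
/// <param name="privatekey">Private scalar d as unsigned big-endian bytes.</param>
/// <param name="sourceData">Message bytes to sign.</param>
/// <returns>
/// An SM2SignVO holding the intermediate values (Z, digest, r, s) and the
/// DER-encoded SEQUENCE { r, s } as a hex string in sm2_sign.
/// </returns>
/// <exception cref="ArgumentNullException">An argument is null.</exception>
/// <exception cref="ArgumentException">The private key is empty or zero.</exception>
public static SM2SignVO Sign2SM2(byte[] privatekey, byte[] sourceData)
{
    if (privatekey == null)
    {
        throw new ArgumentNullException("privatekey");
    }
    if (sourceData == null)
    {
        throw new ArgumentNullException("sourceData");
    }
    if (privatekey.Length == 0)
    {
        throw new ArgumentException("private key must not be empty", "privatekey");
    }

    SM2SignVO sm2SignVO = new SM2SignVO();
    sm2SignVO.setSm2_type("sign");

    var factory = SM2CryptoServiceProvider.Instance;

    // The single-argument BigInteger constructor reads the bytes as a signed
    // two's-complement value, so a raw key whose first byte is >= 0x80 became
    // a negative scalar and signed with the wrong key. Force a positive sign.
    BigInteger userD = new BigInteger(1, privatekey);
    if (userD.SignValue == 0)
    {
        throw new ArgumentException("private key must not be zero", "privatekey");
    }
    // NOTE(review): the upper bound of d against the curve order is not checked
    // here; confirm that sm2Sign or the caller enforces it.

    // NOTE(review): this stores the private scalar in the returned object.
    // Treat the VO as secret material: do not log or serialise it as a whole,
    // and consider dropping this field if no caller reads it.
    sm2SignVO.setSm2_userd(userD.ToByteArray().ToHexString());

    // Public point P = d * G, needed as an input to Z.
    ECPoint userKey = factory.ecc_point_g.Multiply(userD);

    byte[] z = factory.Sm2GetZ(USER_ID.GetBytes(), userKey);
    sm2SignVO.setSm3_z(z.ToHexString());
    sm2SignVO.setSign_express(sourceData.ToHexString());

    // e = SM3(Z || M)
    SM3Digest sm3Digest = new SM3Digest();
    sm3Digest.update(z, 0, z.Length);
    sm3Digest.update(sourceData, 0, sourceData.Length);
    byte[] md = new byte[32];
    sm3Digest.doFinal(md, 0);
    sm2SignVO.setSm3_digest(md.ToHexString());

    // sm2Sign writes r and s into sm2Result.
    SM2Result sm2Result = new SM2Result();
    factory.sm2Sign(md, userD, userKey, sm2Result);
    sm2SignVO.setSign_r(sm2Result.r.ToByteArray().ToHexString());
    sm2SignVO.setSign_s(sm2Result.s.ToByteArray().ToHexString());

    // Encode the signature as DER SEQUENCE { INTEGER r, INTEGER s }.
    var components = new Asn1EncodableVector();
    components.Add(new DerInteger(sm2Result.r));
    components.Add(new DerInteger(sm2Result.s));
    var sign = new DerSequence(components);

    string result = sign.GetEncoded().ByteArrayToHex();
    sm2SignVO.setSm2_sign(result);
    return sm2SignVO;
}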
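/// <summary>
/// Verifies an SM2 signature over <paramref name="sourceData"/>.
/// The digest checked is SM3(Z || sourceData), with Z computed by Sm2GetZ
/// from USER_ID and the decoded public key.
/// </summary>
/// <param name="publicKey">
/// Public key point: either 64 bytes of raw X||Y (a 0x04 prefix is added
/// here) or any encoding the curve's DecodePoint accepts.
/// </param>
/// <param name="sourceData">The signed message bytes (plaintext, not ciphertext).</param>
/// <param name="signData">DER SEQUENCE of exactly two INTEGERs, r then s.</param>
/// <returns>
/// A VO carrying the intermediate values and the verify flag, or null when
/// an input cannot be parsed or any exception occurs. Callers must treat
/// null the same as a failed verification.
/// </returns>
public static SM2SignVO VerifySignSM2(byte[] publicKey, byte[] sourceData, byte[] signData)
{
    try
    {
        SM2SignVO verifyVo = new SM2SignVO();
        verifyVo.setSm2_type("verify");

        byte[] formatedPubKey;
        if (publicKey.Length == 64)
        {
            // Prepend the uncompressed-point marker so ECPoint decoding accepts raw X||Y.
            formatedPubKey = new byte[65];
            formatedPubKey[0] = 0x04;
            System.Array.Copy(publicKey, 0, formatedPubKey, 1, publicKey.Length);
        }
        else
        {
            formatedPubKey = publicKey;
        }

        var factory = SM2CryptoServiceProvider.Instance;
        ECPoint userKey = factory.ecc_curve.DecodePoint(formatedPubKey);

        byte[] z = factory.Sm2GetZ(USER_ID.GetBytes(), userKey);
        verifyVo.setSm3_z(z.ToHexString());

        // e = SM3(Z || M)
        SM3Digest sm3Digest = new SM3Digest();
        sm3Digest.update(z, 0, z.Length);
        sm3Digest.update(sourceData, 0, sourceData.Length);
        byte[] md = new byte[32];
        sm3Digest.doFinal(md, 0);
        verifyVo.setSm3_digest(md.ToHexString());

        // Parse the signature strictly: one SEQUENCE holding exactly two
        // INTEGERs and nothing after it. Accepting extra elements or trailing
        // bytes would let one signature have many valid encodings.
        BigInteger r;
        BigInteger s;
        using (var bis = new MemoryStream(signData))
        using (var dis = new Asn1InputStream(bis))
        {
            var seq = dis.ReadObject() as Asn1Sequence;
            if (seq == null || seq.Count != 2 || dis.ReadObject() != null)
            {
                return null;
            }
            r = ((DerInteger)seq[0]).Value;
            s = ((DerInteger)seq[1]).Value;
        }

        SM2Result sm2Result = new SM2Result();
        sm2Result.r = r;
        sm2Result.s = s;
        verifyVo.setVerify_r(sm2Result.r.ToByteArray().ToHexString());
        verifyVo.setVerify_s(sm2Result.s.ToByteArray().ToHexString());

        // NOTE(review): range checks on r and s are expected to happen inside
        // sm2Verify; confirm there, since none are done in this method.
        factory.sm2Verify(md, userKey, sm2Result.r, sm2Result.s, sm2Result);

        // The signature is accepted only when the recomputed R equals r.
        var verifyFlag = sm2Result.r.Equals(sm2Result.R);
        verifyVo.setVerify(verifyFlag);
        return verifyVo;
    }
    catch (Exception)
    {
        // Any failure (bad key encoding, malformed DER, wrong element type)
        // is reported as null, as before; ArgumentException is covered here too.
        return null;
    }
}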
/// <summary>
/// Signs with a private key. Both arguments must be hex strings: the second
/// one is decoded and passed straight into the signature computation, so it
/// may be an SM3 digest in hex or an ordinary string converted to hex.
/// </summary>
/// <param name="priKey">Private key as a hex string.</param>
/// <param name="sourceData">Data to sign as a hex string.</param>
/// <returns>The SM2SignVO produced by Sign2SM2 for the decoded inputs.</returns>
public static SM2SignVO genSM2Signature(String priKey, String sourceData)
{
    // Decode in the same order as before: key first, then the data.
    byte[] keyBytes = priKey.hexToByte();
    byte[] messageBytes = sourceData.hexToByte();
    return SM2SignVerUtils.Sign2SM2(keyBytes, messageBytes);
}