后端工具类
@Data
@AllArgsConstructor
static class SM2KeyPair {
// 公钥
private String publicKey;
// 前端公钥
private String publicQKey;
// 私钥
private String privateKey;
}
// 生成密钥对
public static SM2KeyPair getSm2KeyPair() {
SM2 sm2= SmUtil.sm2();
// 公钥
String publickey=sm2.getPublicKeybase64();
// 前端公钥
String publicQkey = HexUtil.encodeHexStr(((BCECPublicKey)sm2.getPublicKey()).getQ().getEncoded(false));
// 私钥
String privatekey=sm2.getPrivateKeybase64();
return new SM2KeyPair(publickey,publicQkey,privatekey);
}
// 公钥加密
public static String encrypt(String data, String publickey) {
SM2 sm2=SmUtil.sm2(null,publickey);
String encryptStr = sm2.encryptBcd(data, KeyType.PublicKey);
return encryptStr;
}
// 私钥解密 公钥加密密文
public static String decrypt(String encryptStr, String privatekey){
if(!encryptStr.startsWith("04")){
encryptStr="04".concat(encryptStr);
}
SM2 sm2=SmUtil.sm2(privatekey,null);
String decryptStr = StrUtil.utf8Str(sm2.decryptFromBcd(encryptStr, KeyType.PrivateKey));
return decryptStr;
}
// 私钥签名
public static String signByPrivateKey(String data, String privatekey){
SM2 sm2= SmUtil.sm2(privatekey,null);
String sign = sm2.signHex(HexUtil.encodeHexStr(data));
return sign;
}
// 公钥验签
public static boolean verifyByPublicKey(String data, String publickey, String signature){
SM2 sm2= SmUtil.sm2(null,publickey);
boolean verify = sm2.verifyHex(HexUtil.encodeHexStr(data), signature);
return verify;
}
生成密钥对:
// 创建私钥、公钥
SM2KeyPair sm2KeyPair = getSm2KeyPair();
// 后端公钥
String publickey = sm2KeyPair.getPublicKey();
// 前端公钥
String publicQkey = sm2KeyPair.getPublicQKey()
// 后端私钥
String privateKey = sm2KeyPair.getPrivateKey();
System.out.println("公钥:" + publickey);
System.out.println("私钥:" + privateKey);
System.out.println("------------------");
System.out.println("公钥(前端):" + publicQkey);
公钥:MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEq+OqrQd71xbWD50ks7zfikU7ec64O8fp0d6yuEbadmURoZl4P07I1aEm4bjGvxmP6XP65tqNJWgTDomLhvrpUQ==
私钥:MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgn1ABWedtUoujWXCCwMfKnCXLgj1riMWf/S2SB6xodZKgCgYIKoEcz1UBgi2hRANCAASr46qtB3vXFtYPnSSzvN+KRTt5zrg7x+nR3rK4Rtp2ZRGhmXg/TsjVoSbhuMa/GY/pc/rm2o0laBMOiYuG+ulR
------------------
公钥(前端):04abe3aaad077bd716d60f9d24b3bcdf8a453b79ceb83bc7e9d1deb2b846da766511a199783f4ec8d5a126e1b8c6bf198fe973fae6da8d2568130e898b86fae951
前端使用前端公钥加密
const sm2 = require('sm-crypto').sm2
// 明文
const msgString = '123456abcd你好'
// 公钥(base64)
const publicKey = '04abe3aaad077bd716d60f9d24b3bcdf8a453b79ceb83bc7e9d1deb2b846da766511a199783f4ec8d5a126e1b8c6bf198fe973fae6da8d2568130e898b86fae951'
// 加密
let encryptData = sm2.doEncrypt(msgString, publicKey) // 加密结果
console.log('密文:')
console.log(encryptData)
// 密文由后端通过私钥解密
密文:
0ed81be5ba87e0eccdf04ff75e2ce2b75cb9679a237622e2af115311f426437298e39d5a1619429952cc824a4199c50db6b86524a4fbeb224f9be5012ac6c0bc1f6750eb742459b4577ca3a3873463254aea629032d6e7ce4419b981c9fc24eee73ce33fc7ca42064c464fbb399660c1
后端解密
// 后端密钥
String privateKey = "MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgn1ABWedtUoujWXCCwMfKnCXLgj1riMWf/S2SB6xodZKgCgYIKoEcz1UBgi2hRANCAASr46qtB3vXFtYPnSSzvN+KRTt5zrg7x+nR3rK4Rtp2ZRGhmXg/TsjVoSbhuMa/GY/pc/rm2o0laBMOiYuG+ulR";
// 密文
String encryptStr = "0e6f7da2aabd4ead9d0aee5e85ba72bdd20f49f28e0f6653674fe235250eec9227c4dec6211289623f77563092fa7c2f36a6fb675eefee7fcb1185cf14c31bb1153875168487f23a400d0e9d25f71d37228cf1c42b76a1a6816771b5169af56c7194fd3c9d3ed7dc5f8bfa063de7b849";
// 解密
String decrypt = decrypt(encryptStr, privateKey);
System.out.println(decrypt);
123456abcd你好
