import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.CryptoException;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.crypto.engines.SM2Engine.Mode;
import org.bouncycastle.crypto.params.*;
import org.bouncycastle.crypto.signers.SM2Signer;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
import org.bouncycastle.math.ec.ECPoint;
import org.bouncycastle.math.ec.custom.gm.SM2P256V1Curve;
import java.math.BigInteger;
import java.security.SecureRandom;
public final class SM2Utils
{
private static final String SM2_ECC_GY_VAL = "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0";
private static final String SM2_ECC_GX_VAL = "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7";
private static final SM2P256V1Curve CURVE = new SM2P256V1Curve();
private final static BigInteger SM2_ECC_N = CURVE.getOrder();
private final static BigInteger SM2_ECC_H = CURVE.getCofactor();
private final static BigInteger SM2_ECC_GX = new BigInteger(SM2_ECC_GX_VAL, 16);
private final static BigInteger SM2_ECC_GY = new BigInteger(SM2_ECC_GY_VAL, 16);
private static final ECPoint G_POINT = CURVE.createPoint(SM2_ECC_GX, SM2_ECC_GY);
private static final ECDomainParameters DOMAIN_PARAMS = new ECDomainParameters(CURVE, G_POINT, SM2_ECC_N, SM2_ECC_H);
private SM2Utils()
{
}
public static AsymmetricCipherKeyPair generateKeyPairParameter()
{
final SecureRandom random = new SecureRandom();
return BCECUtils.generateKeyPairParameter(DOMAIN_PARAMS, random);
}
public static byte[] encrypt(final BCECPublicKey pubKey, final byte[] srcData) throws InvalidCipherTextException
{
return encrypt(Mode.C1C3C2, pubKey, srcData);
}
public static byte[] encrypt(final ECPublicKeyParameters pubKeyParams, final byte[] srcData) throws InvalidCipherTextException
{
return encrypt(Mode.C1C3C2, pubKeyParams, srcData);
}
public static byte[] decrypt(final BCECPrivateKey priKey, final byte[] sm2Cipher) throws InvalidCipherTextException
{
return decrypt(Mode.C1C3C2, priKey, sm2Cipher);
}
public static byte[] decrypt(final ECPrivateKeyParameters priKeyParams, final byte[] sm2Cipher)
throws InvalidCipherTextException
{
return decrypt(Mode.C1C3C2, priKeyParams, sm2Cipher);
}
public static byte[] sign(BCECPrivateKey priKey, byte[] srcData) throws CryptoException
{
return sign(priKey, null, srcData);
}
public static byte[] sign(final ECPrivateKeyParameters priKeyParams, final byte[] srcData) throws CryptoException
{
return sign(priKeyParams, null, srcData);
}
public static boolean verify(final BCECPublicKey pubKey, final byte[] srcData, final byte[] sign)
{
return verify(pubKey, null, srcData, sign);
}
public static boolean verify(final ECPublicKeyParameters pubKeyParams, final byte[] srcData, final byte[] sign)
{
return verify(pubKeyParams, null, srcData, sign);
}
private static byte[] encrypt(final Mode mode, final BCECPublicKey pubKey, final byte[] srcData)
throws InvalidCipherTextException
{
final ECPublicKeyParameters pubKeyParams = BCECUtils.convertPublicKeyToParameters(pubKey);
return encrypt(mode, pubKeyParams, srcData);
}
private static byte[] encrypt(final Mode mode, final ECPublicKeyParameters pubKeyParams, final byte[] srcData)
throws InvalidCipherTextException
{
final SM2Engine engine = new SM2Engine(mode);
final ParametersWithRandom pwr = new ParametersWithRandom(pubKeyParams, new SecureRandom());
engine.init(true, pwr);
return engine.processBlock(srcData, 0, srcData.length);
}
private static boolean verify(final BCECPublicKey pubKey, final byte[] withId, final byte[] srcData, final byte[] sign)
{
final ECPublicKeyParameters pubKeyParams = BCECUtils.convertPublicKeyToParameters(pubKey);
return verify(pubKeyParams, withId, srcData, sign);
}
private static byte[] decrypt(final Mode mode, final BCECPrivateKey priKey, final byte[] sm2Cipher)
throws InvalidCipherTextException
{
final ECPrivateKeyParameters priKeyParams = BCECUtils.convertPrivateKeyToParameters(priKey);
return decrypt(mode, priKeyParams, sm2Cipher);
}
private static byte[] decrypt(final Mode mode, final ECPrivateKeyParameters priKeyParams, final byte[] sm2Cipher)
throws InvalidCipherTextException
{
final SM2Engine engine = new SM2Engine(mode);
engine.init(false, priKeyParams);
return engine.processBlock(sm2Cipher, 0, sm2Cipher.length);
}
private static byte[] sign(final BCECPrivateKey priKey, final byte[] withId, final byte[] srcData) throws CryptoException
{
final ECPrivateKeyParameters priKeyParams = BCECUtils.convertPrivateKeyToParameters(priKey);
return sign(priKeyParams, withId, srcData);
}
private static byte[] sign(final ECPrivateKeyParameters priKeyParams, final byte[] withId, final byte[] srcData)
throws CryptoException
{
SM2Signer signer = new SM2Signer();
CipherParameters param = null;
ParametersWithRandom pwr = new ParametersWithRandom(priKeyParams, new SecureRandom());
if (withId != null)
{
param = new ParametersWithID(pwr, withId);
}
else
{
param = pwr;
}
signer.init(true, param);
signer.update(srcData, 0, srcData.length);
return signer.generateSignature();
}
private static boolean verify(final ECPublicKeyParameters pubKeyParams, final byte[] withId, final byte[] srcData,
final byte[] sign)
{
final SM2Signer signer = new SM2Signer();
CipherParameters param;
if (withId != null)
{
param = new ParametersWithID(pubKeyParams, withId);
}
else
{
param = pubKeyParams;
}
signer.init(false, param);
signer.update(srcData, 0, srcData.length);
return signer.verifySignature(sign);
}
}
