.NET C# 实现国密算法加解密
- 概述
-
- [1. SM1](#1. SM1)
- [2. SM2](#2. SM2)
- [3. SM3](#3. SM3)
- [4. SM4](#4. SM4)
- [5. SM7](#5. SM7)
- [6. SM9](#6. SM9)
- [7. ZUC](#7. ZUC)
- C#代码实现
-
- [1 SM2](#1 SM2)
- [2 SM3](#2 SM3)
- [3 SM4](#3 SM4)
概述
国密算法(SM算法)是中国国家密码管理局制定的一系列密码算法标准。这些算法被广泛应用于各种信息安全领域,包括通信、电子商务、金融等。以下是主要的国密算法概述:
1. SM1
- 类型: 对称加密算法
- 特性: SM1是一种分组加密算法,具体的算法细节未公开,仅供特定用途。
- 用途: 主要用于国内敏感信息的加密,通常应用在需要高安全级别的场景。
2. SM2
- 类型: 公钥密码算法
- 特性: 基于椭圆曲线的公钥加密算法,支持数据加密和数字签名。相比于RSA,SM2在提供相同安全级别的同时,密钥长度更短,计算效率更高。
- 用途: 广泛应用于电子商务、电子政务、金融等领域,进行数据加密和数字签名。
3. SM3
- 类型: 哈希算法
- 特性: SM3是一种密码散列函数,用于生成数据的固定长度的哈希值。其设计参考了SHA-256,但在结构和安全性上有所改进。
- 用途: 数据完整性验证、数字签名中的哈希操作、信息摘要生成等。
4. SM4
- 类型: 对称加密算法
- 特性: SM4是一种分组密码算法,块大小为128位,密钥长度为128位。SM4的设计类似于AES,但具有独特的结构和算法特点。
- 用途: 用于无线局域网(WLAN)中的数据加密,以及其他需要对称加密的场景。
5. SM7
- 类型: 对称加密算法
- 特性: SM7是一种对称分组加密算法,具体的算法细节未公开,属于非公开标准。
- 用途: 主要用于特定的高安全需求场景。
6. SM9
- 类型: 身份基加密算法(IBE)
- 特性: SM9基于双线性对(pairing-based)的公钥密码算法,允许使用身份信息(如电子邮件地址)作为公钥进行加密和签名操作,简化了公钥基础设施(PKI)的管理。
- 用途: 适用于需要简化密钥管理的应用场景,如邮件加密、身份验证等。
7. ZUC
- 类型: 流加密算法
- 特性: ZUC是3GPP(第三代合作伙伴计划)标准的一部分,被用于LTE(长期演进)中的加密和完整性保护。ZUC算法提供高效的流加密操作,适用于高速数据传输环境。
- 用途: 主要用于移动通信中的数据加密和完整性保护,如4G和5G网络。
这些算法的共同特点是,设计时充分考虑了安全性、效率和适应性,能够满足现代信息系统中对加密和安全的需求。随着信息技术的发展,这些算法将在越来越多的领域中发挥重要作用。
C#代码实现
框架:.NET 6
依赖库:BouncyCastle.Cryptography 2.4.0
csharp
using Org.BouncyCastle.Asn1.GM;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Modes;
using Org.BouncyCastle.Crypto.Paddings;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;
using System.Text;
1 SM2
csharp
static void SM2Test()
{
// 生成SM2密钥对
var keyPair = GenerateSm2KeyPair();
var privateKey = (ECPrivateKeyParameters)keyPair.Private;
var publicKey = (ECPublicKeyParameters)keyPair.Public;
Console.WriteLine("Private Key: " + privateKey);
Console.WriteLine("Public Key: " + publicKey);
// 原文
string plainText = "Hello SM2!";
Console.WriteLine("Original Text: " + plainText);
// 加密
byte[] cipherText = Sm2Encrypt(publicKey, Encoding.UTF8.GetBytes(plainText));
Console.WriteLine("Encrypted Text: " + BitConverter.ToString(cipherText).Replace("-", ""));
// 解密
byte[] decryptedText = Sm2Decrypt(privateKey, cipherText);
Console.WriteLine("Decrypted Text: " + Encoding.UTF8.GetString(decryptedText));
}
public static AsymmetricCipherKeyPair GenerateSm2KeyPair()
{
var keyGen = new ECKeyPairGenerator();
var secureRandom = new SecureRandom();
var domainParams = new ECDomainParameters(GMNamedCurves.GetByName("sm2p256v1"));
var keyGenParam = new ECKeyGenerationParameters(domainParams, secureRandom);
keyGen.Init(keyGenParam);
return keyGen.GenerateKeyPair();
}
public static byte[] Sm2Encrypt(ECPublicKeyParameters publicKey, byte[] data)
{
var engine = new SM2Engine();
engine.Init(true, new ParametersWithRandom(publicKey, new SecureRandom()));
return engine.ProcessBlock(data, 0, data.Length);
}
public static byte[] Sm2Decrypt(ECPrivateKeyParameters privateKey, byte[] encryptedData)
{
var engine = new SM2Engine();
engine.Init(false, privateKey);
return engine.ProcessBlock(encryptedData, 0, encryptedData.Length);
}
2 SM3
csharp
static void SM3Test()
{
string plainText = "Hello SM3!";
Console.WriteLine("Original Text: " + plainText);
byte[] hash = Sm3Hash(Encoding.UTF8.GetBytes(plainText));
Console.WriteLine("Hash: " + BitConverter.ToString(hash).Replace("-", ""));
}
public static byte[] Sm3Hash(byte[] data)
{
SM3Digest digest = new SM3Digest();
digest.BlockUpdate(data, 0, data.Length);
byte[] result = new byte[digest.GetDigestSize()];
digest.DoFinal(result, 0);
return result;
}
3 SM4
csharp
static void Sm4Test()
{
string plainText = "Hello SM4!";
string key = "1234567890abcdef"; // 16 bytes key for SM4
string iv = "abcdef1234567890"; // 16 bytes IV for CBC mode
Console.WriteLine("Original Text: " + plainText);
// CBC Mode
byte[] cbcCipherText = Sm4CbcEncrypt(Encoding.UTF8.GetBytes(plainText), Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("CBC Encrypted Text: " + BitConverter.ToString(cbcCipherText).Replace("-", ""));
byte[] cbcDecryptedText = Sm4CbcDecrypt(cbcCipherText, Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("CBC Decrypted Text: " + Encoding.UTF8.GetString(cbcDecryptedText));
// ECB Mode
byte[] ecbCipherText = Sm4EcbEncrypt(Encoding.UTF8.GetBytes(plainText), Encoding.UTF8.GetBytes(key));
Console.WriteLine("ECB Encrypted Text: " + BitConverter.ToString(ecbCipherText).Replace("-", ""));
byte[] ecbDecryptedText = Sm4EcbDecrypt(cbcCipherText, Encoding.UTF8.GetBytes(key));
Console.WriteLine("ECB Decrypted Text: " + Encoding.UTF8.GetString(ecbDecryptedText));
// CFB Mode
byte[] cfbCipherText = Sm4CfbEncrypt(Encoding.UTF8.GetBytes(plainText), Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("CFB Encrypted Text: " + BitConverter.ToString(cfbCipherText).Replace("-", ""));
byte[] cfbDecryptedText = Sm4CfbDecrypt(cfbCipherText, Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("CFB Decrypted Text: " + Encoding.UTF8.GetString(cfbDecryptedText));
// OFB Mode
byte[] ofbCipherText = Sm4OfbEncrypt(Encoding.UTF8.GetBytes(plainText), Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("OFB Encrypted Text: " + BitConverter.ToString(ofbCipherText).Replace("-", ""));
byte[] ofbDecryptedText = Sm4OfbDecrypt(ofbCipherText, Encoding.UTF8.GetBytes(key), Encoding.UTF8.GetBytes(iv));
Console.WriteLine("OFB Decrypted Text: " + Encoding.UTF8.GetString(ofbDecryptedText));
}
public static byte[] Sm4OfbEncrypt(byte[] data, byte[] key, byte[] iv)
{
var engine = new PaddedBufferedBlockCipher(new OfbBlockCipher(new SM4Engine(), 128), new Pkcs7Padding());
engine.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
return engine.DoFinal(data);
}
public static byte[] Sm4OfbDecrypt(byte[] cipherData, byte[] key, byte[] iv)
{
var engine = new PaddedBufferedBlockCipher(new OfbBlockCipher(new SM4Engine(), 128), new Pkcs7Padding());
engine.Init(false, new ParametersWithIV(new KeyParameter(key), iv));
return engine.DoFinal(cipherData);
}
public static byte[] Sm4CfbEncrypt(byte[] data, byte[] key, byte[] iv)
{
var engine = new PaddedBufferedBlockCipher(new CfbBlockCipher(new SM4Engine(), 128), new Pkcs7Padding());
engine.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
return engine.DoFinal(data);
}
public static byte[] Sm4CfbDecrypt(byte[] cipherData, byte[] key, byte[] iv)
{
var engine = new PaddedBufferedBlockCipher(new CfbBlockCipher(new SM4Engine(), 128), new Pkcs7Padding());
engine.Init(false, new ParametersWithIV(new KeyParameter(key), iv));
return engine.DoFinal(cipherData);
}
public static byte[] Sm4EcbEncrypt(byte[] data, byte[] key)
{
var engine = new PaddedBufferedBlockCipher(new EcbBlockCipher(new SM4Engine()), new Pkcs7Padding());
engine.Init(true, new KeyParameter(key));
return engine.DoFinal(data);
}
public static byte[] Sm4EcbDecrypt(byte[] cipherData, byte[] key)
{
var engine = new PaddedBufferedBlockCipher(new EcbBlockCipher(new SM4Engine()), new Pkcs7Padding());
engine.Init(false, new KeyParameter(key));
return engine.DoFinal(cipherData);
}
public static byte[] Sm4CbcEncrypt(byte[] data, byte[] key, byte[] iv)
{
var engine = new SM4Engine();
var blockCipher = new CbcBlockCipher(engine);
var cipher = new PaddedBufferedBlockCipher(blockCipher);
cipher.Init(true, new ParametersWithIV(new KeyParameter(key), iv));
return cipher.DoFinal(data);
}
public static byte[] Sm4CbcDecrypt(byte[] cipherData, byte[] key, byte[] iv)
{
var engine = new SM4Engine();
var blockCipher = new CbcBlockCipher(engine);
var cipher = new PaddedBufferedBlockCipher(blockCipher);
cipher.Init(false, new ParametersWithIV(new KeyParameter(key), iv));
return cipher.DoFinal(cipherData);
}