首页 › C#论坛 › C#.NET 国密SM2 加密解密 与JAVA互通 ver:20230805

陈北海 發表於 2023-8-5 16:27:00

C#.NET 国密SM2 加密解密 与JAVA互通 ver:20230805

<p>C#.NET 国密SM2 加密解密 与JAVA互通 ver:20230805</p>
<p>&nbsp;</p>
<p>.NET 环境：.NET6 控制台程序(.net core)。</p>
<p>JAVA 环境：JAVA8，带maven 的JAVA控制台程序。</p>
<p>&nbsp;</p>
<p>简要解析：<br>1.最好要到对方源码(DEMO+JAR包也可以)，可以用IDEA反编译（Ctrl+鼠标左键），看它过程逻辑和加密结果格式。</p>
<p>2.加密结果顺序：早期是 C1C2C3，后期是C1C3C2 ，双方得约定好。</p>
<p>3.加密结果：BASE64字符串或16进制字符串 ，双方得约定好。</p>
<p>4. .NET BC库SM2加密结果会带04，如果JAVA 那边报 Invalid point encoding 错误，删除加密结果前的04。如果对方要的是BASE64的加密结果，我们可以先转16进制字符串，裁掉04，再转BASE64。<br>string newCipherText = Hex.ToHexString(bysm2keyEncrypted);<br>if (newCipherText.StartsWith("04"))<br>{<br>        newCipherText = newCipherText.Substring(2);<br>}<br>                        <br>5. .NETBC库解密，密文前要加 “04”，否则会报 Invalid point encoding XX        。如果加密结果是BASE64的，先把BASE64转16进制字符串，再判断是否04开头。<br> 如果JAVA源码，固定截取的头2位，那么就不用判断是否04开头了，直接写死：javaSM2 = "04" + javaSM2;</p>
<p>&nbsp;</p>
<p>生成一组国密公私钥：</p>
<p>私钥：FAB8BBE670FAE338C9E9382B9FB6485225C11A3ECB84C938F10F20A93B6215F0</p>
<p>公钥：049EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF</p>
<p>&nbsp;本例是：C1C3C2。</p>
<p>//GmUtil.Sm2Encrypt 对应 C1C3C2<br>    // GmUtil.Sm2EncryptOld ：C1C2C3</p>
<p>&nbsp;</p>
<p>.NET 代码：</p>
<p>GmUtil 工具类，需要nuget下载 Portable.BouncyCastle 1.9.0 版本：</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Asn1;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Asn1.GM;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Asn1.X9;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto.Digests;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto.Engines;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto.Generators;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto.Parameters;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Math;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Security;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Utilities;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Utilities.Encoders;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.X509;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> System;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> System.Collections.Generic;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> System.IO;

</span><span style="color: rgba(0, 0, 255, 1)">namespace</span><span style="color: rgba(0, 0, 0, 1)"> CommonUtils
{
    </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
   * need lib:
   * BouncyCastle.Crypto.dll（</span><span style="color: rgba(0, 128, 0, 1); text-decoration: underline">http://www.bouncycastle.org/csharp/index.html</span><span style="color: rgba(0, 128, 0, 1)">）
      
   * 用BC的注意点：
   * 这个版本的BC对SM3withSM2的结果为asn1格式的r和s，如果需要直接拼接的r||s需要自己转换。下面rsAsn1ToPlainByteArray、rsPlainByteArrayToAsn1就在干这事。
   * 这个版本的BC对SM2的结果为C1||C2||C3，据说为旧标准，新标准为C1||C3||C2，用新标准的需要自己转换。下面（被注释掉的）changeC1C2C3ToC1C3C2、changeC1C3C2ToC1C2C3就在干这事。java版的高版本有加上C1C3C2，csharp版没准以后也会加，但目前还没有，java版的目前可以初始化时“ SM2Engine sm2Engine = new SM2Engine(SM2Engine.Mode.C1C3C2);”。
   *
   * 按要求国密算法仅允许使用加密机，本demo国密算法仅供学习使用，请不要用于生产用途。
   </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
    <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">class</span><span style="color: rgba(0, 0, 0, 1)"> GmUtil
    {

      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">private static readonly ILog log = LogManager.GetLogger(typeof(GmUtil));</span>

      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> X9ECParameters x9ECParameters = GMNamedCurves.GetByName(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">sm2p256v1</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
      </span><span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> ECDomainParameters ecDomainParameters = <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N);

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         *
         * @param msg
         * @param userId
         * @param privateKey
         * @return r||s，直接拼接byte数组的rs
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] SignSm3WithSm2(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] msg, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] userId, AsymmetricKeyParameter privateKey)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> RsAsn1ToPlainByteArray(SignSm3WithSm2Asn1Rs(msg, userId, privateKey));
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
          * @param msg
          * @param userId
          * @param privateKey
          * @return rs in &lt;b&gt;asn1 format&lt;/b&gt;
          </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] SignSm3WithSm2Asn1Rs(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] msg, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] userId, AsymmetricKeyParameter privateKey)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                ISigner signer </span>= SignerUtilities.GetSigner(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM3withSM2</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
                signer.Init(</span><span style="color: rgba(0, 0, 255, 1)">true</span>, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ParametersWithID(privateKey, userId));
                signer.BlockUpdate(msg, </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, msg.Length);
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] sig =<span style="color: rgba(0, 0, 0, 1)"> signer.GenerateSignature();
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> sig;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("SignSm3WithSm2Asn1Rs error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
      *
      * @param msg
      * @param userId
      * @param rs r||s，直接拼接byte数组的rs
      * @param publicKey
      * @return
      </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">bool</span> VerifySm3WithSm2(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] msg, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] userId, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] rs, AsymmetricKeyParameter publicKey)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (rs == <span style="color: rgba(0, 0, 255, 1)">null</span> || msg == <span style="color: rgba(0, 0, 255, 1)">null</span> || userId == <span style="color: rgba(0, 0, 255, 1)">null</span>) <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">;
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (rs.Length != RS_LEN * <span style="color: rgba(128, 0, 128, 1)">2</span>) <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">;
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> VerifySm3WithSm2Asn1Rs(msg, userId, RsPlainByteArrayToAsn1(rs), publicKey);
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         *
         * @param msg
         * @param userId
         * @param rs in &lt;b&gt;asn1 format&lt;/b&gt;
         * @param publicKey
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>

      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">bool</span> VerifySm3WithSm2Asn1Rs(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] msg, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] userId, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] sign, AsymmetricKeyParameter publicKey)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                ISigner signer </span>= SignerUtilities.GetSigner(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM3withSM2</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
                signer.Init(</span><span style="color: rgba(0, 0, 255, 1)">false</span>, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ParametersWithID(publicKey, userId));
                signer.BlockUpdate(msg, </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, msg.Length);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> signer.VerifySignature(sign);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("VerifySm3WithSm2Asn1Rs error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * bc加解密使用旧标c1||c2||c3，此方法在加密后调用，将结果转化为c1||c3||c2
         * @param c1c2c3
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] ChangeC1C2C3ToC1C3C2(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] c1c2c3)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">int</span> c1Len = (x9ECParameters.Curve.FieldSize + <span style="color: rgba(128, 0, 128, 1)">7</span>) / <span style="color: rgba(128, 0, 128, 1)">8</span> * <span style="color: rgba(128, 0, 128, 1)">2</span> + <span style="color: rgba(128, 0, 128, 1)">1</span>; <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。</span>
            <span style="color: rgba(0, 0, 255, 1)">const</span> <span style="color: rgba(0, 0, 255, 1)">int</span> c3Len = <span style="color: rgba(128, 0, 128, 1)">32</span>; <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">new SM3Digest().getDigestSize();</span>
            <span style="color: rgba(0, 0, 255, 1)">byte</span>[] result = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">;
            Buffer.BlockCopy(c1c2c3, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, result, <span style="color: rgba(128, 0, 128, 1)">0</span>, c1Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c1</span>
            Buffer.BlockCopy(c1c2c3, c1c2c3.Length - c3Len, result, c1Len, c3Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c3</span>
            Buffer.BlockCopy(c1c2c3, c1Len, result, c1Len + c3Len, c1c2c3.Length - c1Len - c3Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c2</span>
            <span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> result;
      }


      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * bc加解密使用旧标c1||c3||c2，此方法在解密前调用，将密文转化为c1||c2||c3再去解密
         * @param c1c3c2
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] ChangeC1C3C2ToC1C2C3(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] c1c3c2)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">int</span> c1Len = (x9ECParameters.Curve.FieldSize + <span style="color: rgba(128, 0, 128, 1)">7</span>) / <span style="color: rgba(128, 0, 128, 1)">8</span> * <span style="color: rgba(128, 0, 128, 1)">2</span> + <span style="color: rgba(128, 0, 128, 1)">1</span>; <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。</span>
            <span style="color: rgba(0, 0, 255, 1)">const</span> <span style="color: rgba(0, 0, 255, 1)">int</span> c3Len = <span style="color: rgba(128, 0, 128, 1)">32</span>; <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">new SM3Digest().GetDigestSize();</span>
            <span style="color: rgba(0, 0, 255, 1)">byte</span>[] result = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">;
            Buffer.BlockCopy(c1c3c2, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, result, <span style="color: rgba(128, 0, 128, 1)">0</span>, c1Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c1: 0-&gt;65</span>
            Buffer.BlockCopy(c1c3c2, c1Len + c3Len, result, c1Len, c1c3c2.Length - c1Len - c3Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c2</span>
            Buffer.BlockCopy(c1c3c2, c1Len, result, c1c3c2.Length - c3Len, c3Len); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">c3</span>
            <span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> result;
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * c1||c3||c2
         * @param data
         * @param key
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm2Decrypt(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] data, AsymmetricKeyParameter key)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> Sm2DecryptOld(ChangeC1C3C2ToC1C2C3(data), key);
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * c1||c3||c2
         * @param data
         * @param key
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>

      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm2Encrypt(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] data, AsymmetricKeyParameter key)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> ChangeC1C2C3ToC1C3C2(Sm2EncryptOld(data, key));
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * c1||c2||c3
         * @param data
         * @param key
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm2EncryptOld(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] data, AsymmetricKeyParameter pubkey)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                SM2Engine sm2Engine </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SM2Engine();
                sm2Engine.Init(</span><span style="color: rgba(0, 0, 255, 1)">true</span>, <span style="color: rgba(0, 0, 255, 1)">new</span> ParametersWithRandom(pubkey, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SecureRandom()));
                </span><span style="color: rgba(0, 0, 255, 1)">return</span> sm2Engine.ProcessBlock(data, <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, data.Length);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm2EncryptOld error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * c1||c2||c3
         * @param data
         * @param key
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm2DecryptOld(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] data, AsymmetricKeyParameter key)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                SM2Engine sm2Engine </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SM2Engine();
                sm2Engine.Init(</span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">, key);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span> sm2Engine.ProcessBlock(data, <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, data.Length);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm2DecryptOld error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * @param bytes
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm3(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] bytes)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                SM3Digest digest </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SM3Digest();
                digest.BlockUpdate(bytes, </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, bytes.Length);
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] result =<span style="color: rgba(0, 0, 0, 1)"> DigestUtilities.DoFinal(digest);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> result;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm3 error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">const</span> <span style="color: rgba(0, 0, 255, 1)">int</span> RS_LEN = <span style="color: rgba(128, 0, 128, 1)">32</span><span style="color: rgba(0, 0, 0, 1)">;

      </span><span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] BigIntToFixexLengthBytes(BigInteger rOrS)
      {
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> for sm2p256v1, n is 00fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123,
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> r and s are the result of mod n, so they should be less than n and have length&lt;=32</span>
            <span style="color: rgba(0, 0, 255, 1)">byte</span>[] rs =<span style="color: rgba(0, 0, 0, 1)"> rOrS.ToByteArray();
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (rs.Length == RS_LEN) <span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> rs;
            </span><span style="color: rgba(0, 0, 255, 1)">else</span> <span style="color: rgba(0, 0, 255, 1)">if</span> (rs.Length == RS_LEN + <span style="color: rgba(128, 0, 128, 1)">1</span> &amp;&amp; rs[<span style="color: rgba(128, 0, 128, 1)">0</span>] == <span style="color: rgba(128, 0, 128, 1)">0</span>) <span style="color: rgba(0, 0, 255, 1)">return</span> Arrays.CopyOfRange(rs, <span style="color: rgba(128, 0, 128, 1)">1</span>, RS_LEN + <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">else</span> <span style="color: rgba(0, 0, 255, 1)">if</span> (rs.Length &lt;<span style="color: rgba(0, 0, 0, 1)"> RS_LEN)
            {
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] result = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">;
                Arrays.Fill(result, (</span><span style="color: rgba(0, 0, 255, 1)">byte</span>)<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">);
                Buffer.BlockCopy(rs, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, result, RS_LEN -<span style="color: rgba(0, 0, 0, 1)"> rs.Length, rs.Length);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> result;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)">
            {
                </span><span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err rs: </span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> Hex.ToHexString(rs));
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * BC的SM3withSM2签名得到的结果的rs是asn1格式的，这个方法转化成直接拼接r||s
         * @param rsDer rs in asn1 format
         * @return sign result in plain byte array
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] RsAsn1ToPlainByteArray(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] rsDer)
      {
            Asn1Sequence seq </span>=<span style="color: rgba(0, 0, 0, 1)"> Asn1Sequence.GetInstance(rsDer);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] r = BigIntToFixexLengthBytes(DerInteger.GetInstance(seq[<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">]).Value);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] s = BigIntToFixexLengthBytes(DerInteger.GetInstance(seq[<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">]).Value);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] result = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>;
            Buffer.BlockCopy(r, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, result, <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, r.Length);
            Buffer.BlockCopy(s, </span><span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, result, RS_LEN, s.Length);
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> result;
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * BC的SM3withSM2验签需要的rs是asn1格式的，这个方法将直接拼接r||s的字节数组转化成asn1格式
         * @param sign in plain byte array
         * @return rs result in asn1 format
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] RsPlainByteArrayToAsn1(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] sign)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (sign.Length != RS_LEN * <span style="color: rgba(128, 0, 128, 1)">2</span>) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err rs. </span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            BigInteger r </span>= <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 128, 1)">1</span>, Arrays.CopyOfRange(sign, <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">, RS_LEN));
            BigInteger s </span>= <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 128, 1)">1</span>, Arrays.CopyOfRange(sign, RS_LEN, RS_LEN * <span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">));
            Asn1EncodableVector v </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> Asn1EncodableVector();
            v.Add(</span><span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> DerInteger(r));
            v.Add(</span><span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> DerInteger(s));
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">new</span> DerSequence(v).GetEncoded(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">DER</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (IOException e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("RsPlainByteArrayToAsn1 error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span><span style="color: rgba(0, 0, 0, 1)"> AsymmetricCipherKeyPair GenerateKeyPair()
      {
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                ECKeyPairGenerator kpGen </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ECKeyPairGenerator();
                kpGen.Init(</span><span style="color: rgba(0, 0, 255, 1)">new</span> ECKeyGenerationParameters(ecDomainParameters, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SecureRandom()));
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> kpGen.GenerateKeyPair();
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("generateKeyPair error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span><span style="color: rgba(0, 0, 0, 1)"> ECPrivateKeyParameters GetPrivatekeyFromD(BigInteger d)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ECPrivateKeyParameters(d, ecDomainParameters);
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span><span style="color: rgba(0, 0, 0, 1)"> ECPublicKeyParameters GetPublickeyFromXY(BigInteger x, BigInteger y)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ECPublicKeyParameters(x9ECParameters.Curve.CreatePoint(x, y), ecDomainParameters);
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span><span style="color: rgba(0, 0, 0, 1)"> AsymmetricKeyParameter GetPublickeyFromX509File(FileInfo file)
      {

            FileStream fileStream </span>= <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">file.DirectoryName + "\\" + file.Name</span>
                fileStream = <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> FileStream(file.FullName, FileMode.Open, FileAccess.Read);
                X509Certificate certificate </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> X509CertificateParser().ReadCertificate(fileStream);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> certificate.GetPublicKey();
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error(file.Name + "读取失败，异常：" + e);</span>
<span style="color: rgba(0, 0, 0, 1)">            }
            </span><span style="color: rgba(0, 0, 255, 1)">finally</span><span style="color: rgba(0, 0, 0, 1)">
            {
                </span><span style="color: rgba(0, 0, 255, 1)">if</span> (fileStream != <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">)
                  fileStream.Close();
            }
            </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">class</span><span style="color: rgba(0, 0, 0, 1)"> Sm2Cert
      {
            </span><span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> AsymmetricKeyParameter privateKey;
            </span><span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> AsymmetricKeyParameter publicKey;
            </span><span style="color: rgba(0, 0, 255, 1)">public</span><span style="color: rgba(0, 0, 0, 1)"> String certId;
      }

      </span><span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] ToByteArray(<span style="color: rgba(0, 0, 255, 1)">int</span><span style="color: rgba(0, 0, 0, 1)"> i)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] byteArray = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[<span style="color: rgba(128, 0, 128, 1)">4</span><span style="color: rgba(0, 0, 0, 1)">];
            byteArray[</span><span style="color: rgba(128, 0, 128, 1)">0</span>] = (<span style="color: rgba(0, 0, 255, 1)">byte</span>)(i &gt;&gt; <span style="color: rgba(128, 0, 128, 1)">24</span><span style="color: rgba(0, 0, 0, 1)">);
            byteArray[</span><span style="color: rgba(128, 0, 128, 1)">1</span>] = (<span style="color: rgba(0, 0, 255, 1)">byte</span>)((i &amp; <span style="color: rgba(128, 0, 128, 1)">0xFFFFFF</span>) &gt;&gt; <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">);
            byteArray[</span><span style="color: rgba(128, 0, 128, 1)">2</span>] = (<span style="color: rgba(0, 0, 255, 1)">byte</span>)((i &amp; <span style="color: rgba(128, 0, 128, 1)">0xFFFF</span>) &gt;&gt; <span style="color: rgba(128, 0, 128, 1)">8</span><span style="color: rgba(0, 0, 0, 1)">);
            byteArray[</span><span style="color: rgba(128, 0, 128, 1)">3</span>] = (<span style="color: rgba(0, 0, 255, 1)">byte</span>)(i &amp; <span style="color: rgba(128, 0, 128, 1)">0xFF</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> byteArray;
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * 字节数组拼接
         *
         * @param params
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Join(<span style="color: rgba(0, 0, 255, 1)">params</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[][] byteArrays)
      {
            List</span>&lt;<span style="color: rgba(0, 0, 255, 1)">byte</span>&gt; byteSource = <span style="color: rgba(0, 0, 255, 1)">new</span> List&lt;<span style="color: rgba(0, 0, 255, 1)">byte</span>&gt;<span style="color: rgba(0, 0, 0, 1)">();
            </span><span style="color: rgba(0, 0, 255, 1)">for</span> (<span style="color: rgba(0, 0, 255, 1)">int</span> i = <span style="color: rgba(128, 0, 128, 1)">0</span>; i &lt; byteArrays.Length; i++<span style="color: rgba(0, 0, 0, 1)">)
            {
                byteSource.AddRange(byteArrays);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] data =<span style="color: rgba(0, 0, 0, 1)"> byteSource.ToArray();
            </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> data;
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * 密钥派生函数
         *
         * @param Z
         * @param klen
         *            生成klen字节数长度的密钥
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">private</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] KDF(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] Z, <span style="color: rgba(0, 0, 255, 1)">int</span><span style="color: rgba(0, 0, 0, 1)"> klen)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">int</span> ct = <span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">;
            </span><span style="color: rgba(0, 0, 255, 1)">int</span> end = (<span style="color: rgba(0, 0, 255, 1)">int</span>)Math.Ceiling(klen * <span style="color: rgba(128, 0, 128, 1)">1.0</span> / <span style="color: rgba(128, 0, 128, 1)">32</span><span style="color: rgba(0, 0, 0, 1)">);
            List</span>&lt;<span style="color: rgba(0, 0, 255, 1)">byte</span>&gt; byteSource = <span style="color: rgba(0, 0, 255, 1)">new</span> List&lt;<span style="color: rgba(0, 0, 255, 1)">byte</span>&gt;<span style="color: rgba(0, 0, 0, 1)">();
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                </span><span style="color: rgba(0, 0, 255, 1)">for</span> (<span style="color: rgba(0, 0, 255, 1)">int</span> i = <span style="color: rgba(128, 0, 128, 1)">1</span>; i &lt; end; i++<span style="color: rgba(0, 0, 0, 1)">)
                {
                  byteSource.AddRange(GmUtil.Sm3(Join(Z, ToByteArray(ct))));
                  ct</span>++<span style="color: rgba(0, 0, 0, 1)">;
                }
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] last =<span style="color: rgba(0, 0, 0, 1)"> GmUtil.Sm3(Join(Z, ToByteArray(ct)));
                </span><span style="color: rgba(0, 0, 255, 1)">if</span> (klen % <span style="color: rgba(128, 0, 128, 1)">32</span> == <span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">)
                {
                  byteSource.AddRange(last);
                }
                </span><span style="color: rgba(0, 0, 255, 1)">else</span><span style="color: rgba(0, 0, 0, 1)">
                  byteSource.AddRange(Arrays.CopyOfRange(last, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, klen % <span style="color: rgba(128, 0, 128, 1)">32</span><span style="color: rgba(0, 0, 0, 1)">));
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> byteSource.ToArray();
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("KDF error: " + e.Message, e);</span>
<span style="color: rgba(0, 0, 0, 1)">            }
            </span><span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm4DecryptCBC(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] keyBytes, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] cipher, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] iv, String algo)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (keyBytes.Length != <span style="color: rgba(128, 0, 128, 1)">16</span>) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err key length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (cipher.Length % <span style="color: rgba(128, 0, 128, 1)">16</span> != <span style="color: rgba(128, 0, 128, 1)">0</span> &amp;&amp; algo.Contains(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span>)) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err data length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);

            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                KeyParameter key </span>= ParameterUtilities.CreateKeyParameter(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">, keyBytes);
                IBufferedCipher c </span>=<span style="color: rgba(0, 0, 0, 1)"> CipherUtilities.GetCipher(algo);
                </span><span style="color: rgba(0, 0, 255, 1)">if</span> (iv == <span style="color: rgba(0, 0, 255, 1)">null</span>) iv =<span style="color: rgba(0, 0, 0, 1)"> ZeroIv(algo);
                c.Init(</span><span style="color: rgba(0, 0, 255, 1)">false</span>, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ParametersWithIV(key, iv));
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> c.DoFinal(cipher);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm4DecryptCBC error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }


      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm4EncryptCBC(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] keyBytes, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] plain, <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] iv, String algo)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (keyBytes.Length != <span style="color: rgba(128, 0, 128, 1)">16</span>) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err key length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (plain.Length % <span style="color: rgba(128, 0, 128, 1)">16</span> != <span style="color: rgba(128, 0, 128, 1)">0</span> &amp;&amp; algo.Contains(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span>)) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err data length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);

            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                KeyParameter key </span>= ParameterUtilities.CreateKeyParameter(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">, keyBytes);
                IBufferedCipher c </span>=<span style="color: rgba(0, 0, 0, 1)"> CipherUtilities.GetCipher(algo);
                </span><span style="color: rgba(0, 0, 255, 1)">if</span> (iv == <span style="color: rgba(0, 0, 255, 1)">null</span>) iv =<span style="color: rgba(0, 0, 0, 1)"> ZeroIv(algo);
                c.Init(</span><span style="color: rgba(0, 0, 255, 1)">true</span>, <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> ParametersWithIV(key, iv));
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> c.DoFinal(plain);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm4EncryptCBC error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }


      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm4EncryptECB(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] keyBytes, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] plain, <span style="color: rgba(0, 0, 255, 1)">string</span><span style="color: rgba(0, 0, 0, 1)"> algo)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (keyBytes.Length != <span style="color: rgba(128, 0, 128, 1)">16</span>) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err key length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">NoPadding 的情况下需要校验数据长度是16的倍数.</span>
            <span style="color: rgba(0, 0, 255, 1)">if</span> (plain.Length % <span style="color: rgba(128, 0, 128, 1)">16</span> != <span style="color: rgba(128, 0, 128, 1)">0</span> &amp;&amp; algo.Contains(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span>)) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err data length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);

            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                KeyParameter key </span>= ParameterUtilities.CreateKeyParameter(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">, keyBytes);
                IBufferedCipher c </span>=<span style="color: rgba(0, 0, 0, 1)"> CipherUtilities.GetCipher(algo);
                c.Init(</span><span style="color: rgba(0, 0, 255, 1)">true</span><span style="color: rgba(0, 0, 0, 1)">, key);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> c.DoFinal(plain);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm4EncryptECB error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span>[] Sm4DecryptECB(<span style="color: rgba(0, 0, 255, 1)">byte</span>[] keyBytes, <span style="color: rgba(0, 0, 255, 1)">byte</span>[] cipher, <span style="color: rgba(0, 0, 255, 1)">string</span><span style="color: rgba(0, 0, 0, 1)"> algo)
      {
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (keyBytes.Length != <span style="color: rgba(128, 0, 128, 1)">16</span>) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err key length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">if</span> (cipher.Length % <span style="color: rgba(128, 0, 128, 1)">16</span> != <span style="color: rgba(128, 0, 128, 1)">0</span> &amp;&amp; algo.Contains(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span>)) <span style="color: rgba(0, 0, 255, 1)">throw</span> <span style="color: rgba(0, 0, 255, 1)">new</span> ArgumentException(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">err data length</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);

            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                KeyParameter key </span>= ParameterUtilities.CreateKeyParameter(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">, keyBytes);
                IBufferedCipher c </span>=<span style="color: rgba(0, 0, 0, 1)"> CipherUtilities.GetCipher(algo);
                c.Init(</span><span style="color: rgba(0, 0, 255, 1)">false</span><span style="color: rgba(0, 0, 0, 1)">, key);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> c.DoFinal(cipher);
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("Sm4DecryptECB error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">const</span> String SM4_ECB_NOPADDING = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4/ECB/NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">const</span> String SM4_CBC_NOPADDING = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4/CBC/NoPadding</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">const</span> String SM4_CBC_PKCS7PADDING = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM4/CBC/PKCS7Padding</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         * cfca官网CSP沙箱导出的sm2文件
         * @param pem 二进制原文
         * @param pwd 密码
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Sm2Cert readSm2File(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] pem, String pwd)
      {

            Sm2Cert sm2Cert </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> Sm2Cert();
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                Asn1Sequence asn1Sequence </span>=<span style="color: rgba(0, 0, 0, 1)"> (Asn1Sequence)Asn1Object.FromByteArray(pem);
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">            ASN1Integer asn1Integer = (ASN1Integer) asn1Sequence.getObjectAt(0); </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">version=1</span>
                Asn1Sequence priSeq = (Asn1Sequence)asn1Sequence[<span style="color: rgba(128, 0, 128, 1)">1</span>];<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">private key</span>
                Asn1Sequence pubSeq = (Asn1Sequence)asn1Sequence[<span style="color: rgba(128, 0, 128, 1)">2</span>];<span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">public key and x509 cert

                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">            ASN1ObjectIdentifier sm2DataOid = (ASN1ObjectIdentifier) priSeq.getObjectAt(0);
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">            ASN1ObjectIdentifier sm4AlgOid = (ASN1ObjectIdentifier) priSeq.getObjectAt(1);</span>
                Asn1OctetString priKeyAsn1 = (Asn1OctetString)priSeq[<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">];
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] key = KDF(System.Text.Encoding.UTF8.GetBytes(pwd), <span style="color: rgba(128, 0, 128, 1)">32</span><span style="color: rgba(0, 0, 0, 1)">);
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] priKeyD = Sm4DecryptCBC(Arrays.CopyOfRange(key, <span style="color: rgba(128, 0, 128, 1)">16</span>, <span style="color: rgba(128, 0, 128, 1)">32</span><span style="color: rgba(0, 0, 0, 1)">),
                        priKeyAsn1.GetOctets(),
                        Arrays.CopyOfRange(key, </span><span style="color: rgba(128, 0, 128, 1)">0</span>, <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">), SM4_CBC_PKCS7PADDING);
                sm2Cert.privateKey </span>= GetPrivatekeyFromD(<span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">, priKeyD));
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">            log.Info(Hex.toHexString(priKeyD));

                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">            ASN1ObjectIdentifier sm2DataOidPub = (ASN1ObjectIdentifier) pubSeq.getObjectAt(0);</span>
                Asn1OctetString pubKeyX509 = (Asn1OctetString)pubSeq[<span style="color: rgba(128, 0, 128, 1)">1</span><span style="color: rgba(0, 0, 0, 1)">];
                X509Certificate x509 </span>= (X509Certificate)<span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> X509CertificateParser().ReadCertificate(pubKeyX509.GetOctets());
                sm2Cert.publicKey </span>=<span style="color: rgba(0, 0, 0, 1)"> x509.GetPublicKey();
                sm2Cert.certId </span>= x509.SerialNumber.ToString(<span style="color: rgba(128, 0, 128, 1)">10</span>); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">这里转10进账，有啥其他进制要求的自己改改</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> sm2Cert;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("readSm2File error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 128, 0, 1)">/*</span><span style="color: rgba(0, 128, 0, 1)">*
         *
         * @param cert
         * @return
         </span><span style="color: rgba(0, 128, 0, 1)">*/</span>
      <span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> Sm2Cert ReadSm2X509Cert(<span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] cert)
      {
            Sm2Cert sm2Cert </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> Sm2Cert();
            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {

                X509Certificate x509 </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> X509CertificateParser().ReadCertificate(cert);
                sm2Cert.publicKey </span>=<span style="color: rgba(0, 0, 0, 1)"> x509.GetPublicKey();
                sm2Cert.certId </span>= x509.SerialNumber.ToString(<span style="color: rgba(128, 0, 128, 1)">10</span>); <span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">这里转10进账，有啥其他进制要求的自己改改</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> sm2Cert;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("ReadSm2X509Cert error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">[] ZeroIv(String algo)
      {

            </span><span style="color: rgba(0, 0, 255, 1)">try</span><span style="color: rgba(0, 0, 0, 1)">
            {
                IBufferedCipher cipher </span>=<span style="color: rgba(0, 0, 0, 1)"> CipherUtilities.GetCipher(algo);
                </span><span style="color: rgba(0, 0, 255, 1)">int</span> blockSize =<span style="color: rgba(0, 0, 0, 1)"> cipher.GetBlockSize();
                </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] iv = <span style="color: rgba(0, 0, 255, 1)">new</span> <span style="color: rgba(0, 0, 255, 1)">byte</span><span style="color: rgba(0, 0, 0, 1)">;
                Arrays.Fill(iv, (</span><span style="color: rgba(0, 0, 255, 1)">byte</span>)<span style="color: rgba(128, 0, 128, 1)">0</span><span style="color: rgba(0, 0, 0, 1)">);
                </span><span style="color: rgba(0, 0, 255, 1)">return</span><span style="color: rgba(0, 0, 0, 1)"> iv;
            }
            </span><span style="color: rgba(0, 0, 255, 1)">catch</span><span style="color: rgba(0, 0, 0, 1)"> (Exception e)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Error("ZeroIv error: " + e.Message, e);</span>
                <span style="color: rgba(0, 0, 255, 1)">return</span> <span style="color: rgba(0, 0, 255, 1)">null</span><span style="color: rgba(0, 0, 0, 1)">;
            }
      }

      </span><span style="color: rgba(0, 0, 255, 1)">public</span> <span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">void</span> Main2(<span style="color: rgba(0, 0, 255, 1)">string</span><span style="color: rgba(0, 0, 0, 1)">[] s)
      {

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 随便看看
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("GMNamedCurves: ");</span>
            <span style="color: rgba(0, 0, 255, 1)">foreach</span> (<span style="color: rgba(0, 0, 255, 1)">string</span> e <span style="color: rgba(0, 0, 255, 1)">in</span><span style="color: rgba(0, 0, 0, 1)"> GMNamedCurves.Names)
            {
                </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info(e);</span>
<span style="color: rgba(0, 0, 0, 1)">            }
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("sm2p256v1 n:" + x9ECParameters.N);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("sm2p256v1 nHex:" + Hex.ToHexString(x9ECParameters.N.ToByteArray()));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 生成公私钥对 ---------------------</span>
            AsymmetricCipherKeyPair kp =<span style="color: rgba(0, 0, 0, 1)"> GmUtil.GenerateKeyPair();
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("private key d: " + ((ECPrivateKeyParameters)kp.Private).D);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("public key q:" + ((ECPublicKeyParameters)kp.Public).Q); </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">{x, y, zs...}

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">签名验签</span>
            <span style="color: rgba(0, 0, 255, 1)">byte</span>[] msg = System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">message digest</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] userId = System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">userId</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] sig =<span style="color: rgba(0, 0, 0, 1)"> SignSm3WithSm2(msg, userId, kp.Private);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSignSm3WithSm2: " + Hex.ToHexString(sig));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testVerifySm3WithSm2: " + VerifySm3WithSm2(msg, userId, sig, kp.Public));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 由d生成私钥 ---------------------</span>
            BigInteger d = <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">097b5230ef27c7df0fa768289d13ad4e8a96266f0fcb8de40d5942af4293a54a</span><span style="color: rgba(128, 0, 0, 1)">"</span>, <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">);
            ECPrivateKeyParameters bcecPrivateKey </span>=<span style="color: rgba(0, 0, 0, 1)"> GetPrivatekeyFromD(d);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testGetFromD: " + bcecPrivateKey.D.ToString(16));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥X坐标PublicKeyXHex: 59cf9940ea0809a97b1cbffbb3e9d96d0fe842c1335418280bfc51dd4e08a5d4
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥Y坐标PublicKeyYHex: 9a7f77c578644050e09a9adc4245d1e6eba97554bc8ffd4fe15a78f37f891ff8</span>
            AsymmetricKeyParameter publicKey = GetPublickeyFromX509File(<span style="color: rgba(0, 0, 255, 1)">new</span> FileInfo(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">d:/certs/69629141652.cer</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info(publicKey);</span>
            AsymmetricKeyParameter publicKey1 = GetPublickeyFromXY(<span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">59cf9940ea0809a97b1cbffbb3e9d96d0fe842c1335418280bfc51dd4e08a5d4</span><span style="color: rgba(128, 0, 0, 1)">"</span>, <span style="color: rgba(128, 0, 128, 1)">16</span>), <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">9a7f77c578644050e09a9adc4245d1e6eba97554bc8ffd4fe15a78f37f891ff8</span><span style="color: rgba(128, 0, 0, 1)">"</span>, <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testReadFromX509File: " + ((ECPublicKeyParameters)publicKey).Q);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testGetFromXY: " + ((ECPublicKeyParameters)publicKey1).Q);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testPubKey: " + publicKey.Equals(publicKey1));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testPubKey: " + ((ECPublicKeyParameters)publicKey).Q.Equals(((ECPublicKeyParameters)publicKey1).Q));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> sm2 encrypt and decrypt test ---------------------</span>
            AsymmetricCipherKeyPair kp2 =<span style="color: rgba(0, 0, 0, 1)"> GenerateKeyPair();
            AsymmetricKeyParameter publicKey2 </span>=<span style="color: rgba(0, 0, 0, 1)"> kp2.Public;
            AsymmetricKeyParameter privateKey2 </span>=<span style="color: rgba(0, 0, 0, 1)"> kp2.Private;
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] bs = Sm2Encrypt(System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">s</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">), publicKey2);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm2Enc dec: " + Hex.ToHexString(bs));</span>
            bs =<span style="color: rgba(0, 0, 0, 1)"> Sm2Decrypt(bs, privateKey2);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm2Enc dec: " + System.Text.Encoding.UTF8.GetString(bs));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> sm4 encrypt and decrypt test ---------------------
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">0123456789abcdeffedcba9876543210 + 0123456789abcdeffedcba9876543210 -&gt; 681edf34d206965e86b3e94f536e4246</span>
            <span style="color: rgba(0, 0, 255, 1)">byte</span>[] plain = Hex.Decode(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">0123456789abcdeffedcba98765432100123456789abcdeffedcba98765432100123456789abcdeffedcba9876543210</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] key = Hex.Decode(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">0123456789abcdeffedcba9876543210</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] cipher = Hex.Decode(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">595298c7c6fd271f0402f804c33d3f66</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            bs </span>=<span style="color: rgba(0, 0, 0, 1)"> Sm4EncryptECB(key, plain, GmUtil.SM4_ECB_NOPADDING);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm4EncEcb: " + Hex.ToHexString(bs)); ;</span>
            bs =<span style="color: rgba(0, 0, 0, 1)"> Sm4DecryptECB(key, bs, GmUtil.SM4_ECB_NOPADDING);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm4DecEcb: " + Hex.ToHexString(bs));

            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">读.sm2文件</span>
            String sm2 = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">MIIDHQIBATBHBgoqgRzPVQYBBAIBBgcqgRzPVQFoBDDW5/I9kZhObxXE9Vh1CzHdZhIhxn+3byBU\nUrzmGRKbDRMgI3hJKdvpqWkM5G4LNcIwggLNBgoqgRzPVQYBBAIBBIICvTCCArkwggJdoAMCAQIC\nBRA2QSlgMAwGCCqBHM9VAYN1BQAwXDELMAkGA1UEBhMCQ04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFu\nY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEbMBkGA1UEAwwSQ0ZDQSBURVNUIFNNMiBPQ0Ex\nMB4XDTE4MTEyNjEwMTQxNVoXDTIwMTEyNjEwMTQxNVowcjELMAkGA1UEBhMCY24xEjAQBgNVBAoM\nCUNGQ0EgT0NBMTEOMAwGA1UECwwFQ1VQUkExFDASBgNVBAsMC0VudGVycHJpc2VzMSkwJwYDVQQD\nDCAwNDFAWnRlc3RAMDAwMTAwMDA6U0lHTkAwMDAwMDAwMTBZMBMGByqGSM49AgEGCCqBHM9VAYIt\nA0IABDRNKhvnjaMUShsM4MJ330WhyOwpZEHoAGfqxFGX+rcL9x069dyrmiF3+2ezwSNh1/6YqfFZ\nX9koM9zE5RG4USmjgfMwgfAwHwYDVR0jBBgwFoAUa/4Y2o9COqa4bbMuiIM6NKLBMOEwSAYDVR0g\nBEEwPzA9BghggRyG7yoBATAxMC8GCCsGAQUFBwIBFiNodHRwOi8vd3d3LmNmY2EuY29tLmNuL3Vz\nL3VzLTE0Lmh0bTA4BgNVHR8EMTAvMC2gK6AphidodHRwOi8vdWNybC5jZmNhLmNvbS5jbi9TTTIv\nY3JsNDI4NS5jcmwwCwYDVR0PBAQDAgPoMB0GA1UdDgQWBBREhx9VlDdMIdIbhAxKnGhPx8FcHDAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwQwDAYIKoEcz1UBg3UFAANIADBFAiEAgWvQi3h6\niW4jgF4huuXfhWInJmTTYr2EIAdG8V4M8fYCIBixygdmfPL9szcK2pzCYmIb6CBzo5SMv50Odycc\nVfY6</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
            bs </span>=<span style="color: rgba(0, 0, 0, 1)"> Convert.FromBase64String(sm2);
            String pwd </span>= <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">cfca1234</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
            GmUtil.Sm2Cert sm2Cert </span>=<span style="color: rgba(0, 0, 0, 1)"> GmUtil.readSm2File(bs, pwd);
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testReadSm2File, pubkey: " + ((ECPublicKeyParameters)sm2Cert.publicKey).Q.ToString());
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testReadSm2File, prikey: " + Hex.ToHexString(((ECPrivateKeyParameters)sm2Cert.privateKey).D.ToByteArray()));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testReadSm2File, certId: " + sm2Cert.certId);</span>
<span style="color: rgba(0, 0, 0, 1)">
            bs </span>= Sm2Encrypt(System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">s</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">), ((ECPublicKeyParameters)sm2Cert.publicKey));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm2Enc dec: " + Hex.ToHexString(bs));</span>
            bs =<span style="color: rgba(0, 0, 0, 1)"> Sm2Decrypt(bs, ((ECPrivateKeyParameters)sm2Cert.privateKey));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSm2Enc dec: " + System.Text.Encoding.UTF8.GetString(bs));</span>
<span style="color: rgba(0, 0, 0, 1)">
            msg </span>= System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">message digest</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            userId </span>= System.Text.Encoding.UTF8.GetBytes(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">userId</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">);
            sig </span>=<span style="color: rgba(0, 0, 0, 1)"> SignSm3WithSm2(msg, userId, ((ECPrivateKeyParameters)sm2Cert.privateKey));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testSignSm3WithSm2: " + Hex.ToHexString(sig));
            </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">log.Info("testVerifySm3WithSm2: " + VerifySm3WithSm2(msg, userId, sig, ((ECPublicKeyParameters)sm2Cert.publicKey)));</span>
<span style="color: rgba(0, 0, 0, 1)">      }

    }
}</span></pre>
</div>
<p>.NET使用：</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> CommonUtils;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Crypto;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Math;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> Org.BouncyCastle.Utilities.Encoders;
</span><span style="color: rgba(0, 0, 255, 1)">using</span><span style="color: rgba(0, 0, 0, 1)"> System.Text;


</span><span style="color: rgba(0, 0, 255, 1)">void</span><span style="color: rgba(0, 0, 0, 1)"> TestSM2Enc()
{
    String privateKeyHex </span>= <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">FAB8BBE670FAE338C9E9382B9FB6485225C11A3ECB84C938F10F20A93B6215F0</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">完整公钥128位“9EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF”
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">完整公钥130位，比128位开头多了04“049EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF”</span>
    <span style="color: rgba(0, 0, 255, 1)">string</span> pubKeyHex = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">049EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">如果是130位公钥，.NET 使用的话，把开头的04截取掉。</span>
    <span style="color: rgba(0, 0, 255, 1)">if</span> (pubKeyHex.Length == <span style="color: rgba(128, 0, 128, 1)">130</span><span style="color: rgba(0, 0, 0, 1)">)
    {
      pubKeyHex </span>= pubKeyHex.Substring(<span style="color: rgba(128, 0, 128, 1)">2</span>, <span style="color: rgba(128, 0, 128, 1)">128</span><span style="color: rgba(0, 0, 0, 1)">);
    }
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥X，前64位</span>
    String x = pubKeyHex.Substring(<span style="color: rgba(128, 0, 128, 1)">0</span>, <span style="color: rgba(128, 0, 128, 1)">64</span><span style="color: rgba(0, 0, 0, 1)">);
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥Y，后64位</span>
    String y = pubKeyHex.Substring(<span style="color: rgba(128, 0, 128, 1)">64</span><span style="color: rgba(0, 0, 0, 1)">);
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">获取公钥对象</span>
    AsymmetricKeyParameter publicKey1 = GmUtil.GetPublickeyFromXY(<span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(x, <span style="color: rgba(128, 0, 128, 1)">16</span>), <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(y, <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">));
    String content </span>= <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">1234泰酷拉NET</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">待处理字符串：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> content);
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">Sm2Encrypt 对应C1C3C2
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> Sm2EncryptOld ：C1C2C3</span>
    <span style="color: rgba(0, 0, 255, 1)">byte</span>[] digestByte =<span style="color: rgba(0, 0, 0, 1)"> GmUtil.Sm2Encrypt(Encoding.UTF8.GetBytes(content), publicKey1);
    </span><span style="color: rgba(0, 0, 255, 1)">string</span> strSM2 =<span style="color: rgba(0, 0, 0, 1)"> Hex.ToHexString(digestByte);
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM2加密后：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> strSM2);
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)"> 4. .NET BC库SM2加密结果会带04，如果JAVA 那边报 Invalid point encoding 错误，删除加密结果前的04。如果对方要的是BASE64的加密结果，我们可以先转16进制字符串，裁掉04，再转BASE64。</span>
    <span style="color: rgba(0, 0, 255, 1)">string</span> newCipherText =<span style="color: rgba(0, 0, 0, 1)"> Hex.ToHexString(digestByte);
    </span><span style="color: rgba(0, 0, 255, 1)">if</span> (newCipherText.StartsWith(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">04</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">))
    {
      newCipherText </span>= newCipherText.Substring(<span style="color: rgba(128, 0, 128, 1)">2</span><span style="color: rgba(0, 0, 0, 1)">);
    }
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">截取04后，加密结果：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> newCipherText);

    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">.NET 自加自解</span>
    BigInteger d = <span style="color: rgba(0, 0, 255, 1)">new</span> BigInteger(privateKeyHex, <span style="color: rgba(128, 0, 128, 1)">16</span><span style="color: rgba(0, 0, 0, 1)">);
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">先拿到私钥对象，用ECPrivateKeyParameters 或 AsymmetricKeyParameter 都可以
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">ECPrivateKeyParameters bcecPrivateKey = CommonUtils.GmUtil.GetPrivatekeyFromD(d);</span>
    AsymmetricKeyParameter bcecPrivateKey =<span style="color: rgba(0, 0, 0, 1)"> CommonUtils.GmUtil.GetPrivatekeyFromD(d);
    </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] byToDecrypt =<span style="color: rgba(0, 0, 0, 1)"> Hex.Decode(strSM2);
    </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] byDecrypted =<span style="color: rgba(0, 0, 0, 1)"> GmUtil.Sm2Decrypt(byToDecrypt, bcecPrivateKey);
    String strDecrypted </span>=<span style="color: rgba(0, 0, 0, 1)"> Encoding.UTF8.GetString(byDecrypted);
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">SM2解密后：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> strDecrypted);

    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">JAVA 结果，.NET来解</span>
    <span style="color: rgba(0, 0, 255, 1)">string</span> javaSM2 = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">04a7aaa9fd91aea6f99787ef431e19cb9feecc5bfb97fb445ce529c78c04676f1792e06b3a2814d1bda80bd3f63e530c149fc03911f1b81007dc86cef2c03f30c7fecc8b256272f881a8f2f4e71351c45d5bb27e8531f1e2ea6d55150c88f5026b8783ccef867a510a313178cfd26177</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">.NET BC库解密，密文前要加 “04”，否则会报 Invalid point encoding XX
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">如果加密结果是BASE64的，把BASE64转16进制字符串，再判断是否04开头。
    </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">如果对方源码，固定截取的头2位，那么就不用判断是否04开头了，直接写死：javaSM2 = "04" + javaSM2;</span>
    <span style="color: rgba(0, 0, 255, 1)">if</span> (!javaSM2.StartsWith(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">04</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">))
    {
      javaSM2 </span>= <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">04</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> javaSM2;
    }
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">javaSM2加密结果：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> javaSM2);
    byToDecrypt </span>=<span style="color: rgba(0, 0, 0, 1)"> Hex.Decode(javaSM2);
    byDecrypted </span>=<span style="color: rgba(0, 0, 0, 1)"> GmUtil.Sm2Decrypt(byToDecrypt, bcecPrivateKey);
    strDecrypted </span>=<span style="color: rgba(0, 0, 0, 1)"> Encoding.UTF8.GetString(byDecrypted);
    Console.WriteLine(</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">java SM2解密后：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> strDecrypted);
}</span></pre>
</div>
<p>&nbsp;</p>
<p>java代码：</p>
<p>maven 引用 ：</p>
<div class="cnblogs_code">
<pre>&lt;dependency&gt;
      &lt;groupId&gt;cn.hutool&lt;/groupId&gt;
      &lt;artifactId&gt;hutool-all&lt;/artifactId&gt;
      &lt;version&gt;<span style="color: rgba(128, 0, 128, 1)">5.8</span>.<span style="color: rgba(128, 0, 128, 1)">1</span>&lt;/version&gt;
    &lt;/dependency&gt;

    &lt;dependency&gt;
      &lt;groupId&gt;org.bouncycastle&lt;/groupId&gt;
      &lt;artifactId&gt;bcprov-jdk15on&lt;/artifactId&gt;
      &lt;version&gt;<span style="color: rgba(128, 0, 128, 1)">1.70</span>&lt;/version&gt;
    &lt;/dependency&gt;</pre>
</div>
<p>JAVA调用：</p>
<div class="cnblogs_code">
<pre><span style="color: rgba(0, 0, 0, 1)">package org.example;

import cn.hutool.crypto.SmUtil;
import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.SM2;
import org.bouncycastle.crypto.engines.SM2Engine;
import org.bouncycastle.util.encoders.Hex;

</span><span style="color: rgba(0, 0, 255, 1)">static</span> <span style="color: rgba(0, 0, 255, 1)">void</span><span style="color: rgba(0, 0, 0, 1)"> testSM2Enc() {
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">sm2 加密模式:C1C3C2
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">私钥</span>
      String privateKeyHex = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">FAB8BBE670FAE338C9E9382B9FB6485225C11A3ECB84C938F10F20A93B6215F0</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">完整公钥“9EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF”
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥X</span>
      String x = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">9EF573019D9A03B16B0BE44FC8A5B4E8E098F56034C97B312282DD0B4810AFC3</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥Y</span>
      String y = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">CC759673ED0FC9B9DC7E6FA38F0E2B121E02654BF37EA6B63FAF2A0D6013EADF</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;

      </span>
      String content = <span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">1234泰酷拉JJ</span><span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(0, 0, 0, 1)">;
      System.</span><span style="color: rgba(0, 0, 255, 1)">out</span>.println(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">待处理字符串：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> content);

      SM2 sm2 </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> SM2(privateKeyHex, x, y);
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">默认是:C1C3C2</span>
<span style="color: rgba(0, 0, 0, 1)">      sm2.setMode(SM2Engine.Mode.C1C3C2);
      </span><span style="color: rgba(0, 128, 0, 1)">//</span><span style="color: rgba(0, 128, 0, 1)">公钥加密</span>
      <span style="color: rgba(0, 0, 255, 1)">byte</span>[] byRst =<span style="color: rgba(0, 0, 0, 1)"> sm2.encrypt(content.getBytes(), KeyType.PublicKey);

      String strRst </span>=<span style="color: rgba(0, 0, 0, 1)"> Hex.toHexString(byRst);
      System.</span><span style="color: rgba(0, 0, 255, 1)">out</span>.println(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">加密后：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> strRst);

      </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] byToDecrypt =<span style="color: rgba(0, 0, 0, 1)"> Hex.decode(strRst);
      </span><span style="color: rgba(0, 0, 255, 1)">byte</span>[] byDecrypted =<span style="color: rgba(0, 0, 0, 1)"> sm2.decrypt(byToDecrypt, KeyType.PrivateKey);
      String strDecrypted </span>= <span style="color: rgba(0, 0, 255, 1)">new</span><span style="color: rgba(0, 0, 0, 1)"> String(byDecrypted);

      System.</span><span style="color: rgba(0, 0, 255, 1)">out</span>.println(<span style="color: rgba(128, 0, 0, 1)">"</span><span style="color: rgba(128, 0, 0, 1)">解密后：</span><span style="color: rgba(128, 0, 0, 1)">"</span> +<span style="color: rgba(0, 0, 0, 1)"> strDecrypted);
    }</span></pre>
</div>
<p>&nbsp;</p>
<p>end.</p>
<p><br>                        </p><br><br>
来源：https://www.cnblogs.com/runliuv/p/17607568.html

查看完整版本: C#.NET 国密SM2 加密解密 与JAVA互通 ver:20230805