一、配置
(一)jar包下载
官网:https://www.bouncycastle.org/latest_releases.html
bcprov-ext-jdk15to18-1.73.jar
bcprov-jdk15to18-1.73.jar
(二)修改配置文件
-
将下载的两个jar包拷贝到 %JAVA_HOME%\jre\lib\ext 目录下面
-
修改配置文件 %JAVA_HOME%\jre\lib\security\java.security ,在末尾添加
security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider ;
-
在项目中导入jar包: bcprov‐ext‐jdk15to18‐168.jar
二、代码
(一)demo.java
import org.bouncycastle.jce.provider.BouncyCastleProvider; import java.security.*; import java.security.spec.ECGenParameterSpec; import java.util.Arrays;public class demo { private static String M = "ycy20201212"; public static void main(String[] args) throws Exception { SM2Util sm2 = new SM2Util(); final ECGenParameterSpec sm2Spec = new ECGenParameterSpec("sm2p256v1"); // 获取一个椭圆曲线类型的密钥对生成器 final KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", new BouncyCastleProvider()); // 使用SM2参数初始化生成器 kpg.initialize(sm2Spec); // 获取密钥对 KeyPair keyPair = kpg.generateKeyPair(); PublicKey publicKey = keyPair.getPublic(); PrivateKey privateKey = keyPair.getPrivate(); System.out.println("数据:" + M); String data = sm2.encrypt(publicKey, M); System.out.println("公钥加密:" + data); String text = sm2.decrypt(privateKey, data); System.out.println("私钥解密:" + text); SM3Util sm3 = new SM3Util(); byte[] digest = sm3.digest(M); System.out.println("SM3摘要:" + Arrays.toString(digest)); SM4Util sm4 = new SM4Util(); byte[] key1 = SM4Key.generateKey(); byte[] iv = null; byte[] sm4data = sm4.encrypt(digest, key1, SM4ModeAndPaddingEnum.SM4_ECB_NoPadding, iv); System.out.println("SM4加密:" + Arrays.toString(sm4data)); byte[] sm4text = sm4.decrypt(sm4data, key1, SM4ModeAndPaddingEnum.SM4_ECB_NoPadding, iv); System.out.println("SM4解密:" + Arrays.toString(sm4text)); } }
(二)SM2Util.java
import org.bouncycastle.crypto.engines.SM2Engine; import org.bouncycastle.crypto.params.*; import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey; import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey; import org.bouncycastle.jce.spec.ECParameterSpec; import org.bouncycastle.util.encoders.Hex; import java.nio.charset.StandardCharsets; import java.security.PrivateKey; import java.security.PublicKey; import java.security.SecureRandom;public class SM2Util { /** * SM2加密算法 * * @param publicKey 公钥 * @param data 明文数据 * @return **/ public String encrypt(PublicKey publicKey, String data) { ECPublicKeyParameters ecPublicKeyParameters = null; if (publicKey instanceof BCECPublicKey) { BCECPublicKey bcecPublicKey = (BCECPublicKey) publicKey; ECParameterSpec ecParameterSpec = bcecPublicKey.getParameters(); ECDomainParameters ecDomainParameters = new ECDomainParameters(ecParameterSpec.getCurve(), ecParameterSpec.getG(), ecParameterSpec.getN()); ecPublicKeyParameters = new ECPublicKeyParameters(bcecPublicKey.getQ(), ecDomainParameters); } SM2Engine sm2Engine = new SM2Engine(); sm2Engine.init(true, new ParametersWithRandom(ecPublicKeyParameters, new SecureRandom())); byte[] arrayOfBytes = null; try { byte[] in = data.getBytes(StandardCharsets.UTF_8); arrayOfBytes = sm2Engine.processBlock(in, 0, in.length); } catch (Exception e) { System.out.println("SM2加密时出现异常:"); } return Hex.toHexString(arrayOfBytes); } /** * SM2解密算法 * * @param privateKey 私钥 * @param cipherData 密文数据 * @return **/ public String decrypt(PrivateKey privateKey, String cipherData) { byte[] cipherDataByte = Hex.decode(cipherData); BCECPrivateKey bcecPrivateKey = (BCECPrivateKey) privateKey; ECParameterSpec ecParameterSpec = bcecPrivateKey.getParameters(); ECDomainParameters ecDomainParameters = new ECDomainParameters(ecParameterSpec.getCurve(), ecParameterSpec.getG(), ecParameterSpec.getN()); ECPrivateKeyParameters ecPrivateKeyParameters = new ECPrivateKeyParameters(bcecPrivateKey.getD(), ecDomainParameters); SM2Engine sm2Engine = new SM2Engine(); sm2Engine.init(false, ecPrivateKeyParameters); String result = null; try { byte[] arrayOfBytes = sm2Engine.processBlock(cipherDataByte, 0, cipherDataByte.length); return new String(arrayOfBytes, StandardCharsets.UTF_8); } catch (Exception e) { System.out.println("SM2解密时出现异常"); } return result; } }
(三)SM3Util.java
import org.bouncycastle.crypto.digests.SM3Digest; import org.bouncycastle.jce.provider.BouncyCastleProvider; import java.security.Security;/** * @Description: 国密SM3摘要算法帮助类 * @Author: wucheng * @CreateDate: 2020/2/16 16:36 */public class SM3Util { static { Security.addProvider(new BouncyCastleProvider()); } public byte[] digest(String input) { SM3Digest sm3Digest = new SM3Digest(); int length = input.length(); byte[] data = input.getBytes(); sm3Digest.update(data, 0, length); byte[] ret = new byte[sm3Digest.getDigestSize()]; sm3Digest.doFinal(ret, 0); return ret; } }
(四)SM4Key.java
import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.KeyGenerator; import java.security.SecureRandom; import java.security.Security;/** * @Description: * @Author: wucheng * @CreateDate: 2020/2/16 16:51 */public class SM4Key { static { Security.addProvider(new BouncyCastleProvider()); } public static byte[] generateKey() throws Exception { KeyGenerator kg = KeyGenerator.getInstance("SM4", BouncyCastleProvider.PROVIDER_NAME); kg.init(128, new SecureRandom()); return kg.generateKey().getEncoded(); } }
(五)SM4Util.java
import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.security.Security;/** * @Description: 国密SM4对称加解密算法帮助类 * @Author: wucheng * @CreateDate: 2020/2/16 16:38 */public class SM4Util { static { Security.addProvider(new BouncyCastleProvider()); } /** * SM4 加密 * * @param input 明文数据 * @param key 密钥 * @param sm4ModeAndPaddingEnum 加密模式和padding模式 * @param iv 初始向量(ECB模式下传NULL) * @return * @throws Exception */ public byte[] encrypt(byte[] input, byte[] key, SM4ModeAndPaddingEnum sm4ModeAndPaddingEnum, byte[] iv) throws Exception { return sm4(input, key, sm4ModeAndPaddingEnum, iv, Cipher.ENCRYPT_MODE); } /** * SM4 解密 * * @param input 密文数据 * @param key 密钥 * @param sm4ModeAndPaddingEnum 加密模式和padding模式 * @param iv 初始向量(ECB模式下传NULL) * @return * @throws Exception */ public byte[] decrypt(byte[] input, byte[] key, SM4ModeAndPaddingEnum sm4ModeAndPaddingEnum, byte[] iv) throws Exception { return sm4(input, key, sm4ModeAndPaddingEnum, iv, Cipher.DECRYPT_MODE); } private static byte[] sm4(byte[] input, byte[] key, SM4ModeAndPaddingEnum sm4ModeAndPaddingEnum, byte[] iv, int mode) throws Exception { IvParameterSpec ivParameterSpec = null; if (iv != null) { ivParameterSpec = new IvParameterSpec(iv); } SecretKeySpec sm4Key = new SecretKeySpec(key, "SM4"); Cipher cipher = Cipher.getInstance(sm4ModeAndPaddingEnum.getName(), BouncyCastleProvider.PROVIDER_NAME); if (ivParameterSpec == null) { cipher.init(mode, sm4Key); } else { cipher.init(mode, sm4Key, ivParameterSpec); } return cipher.doFinal(input); } }
(六)SM4ModeAndPaddingEnum.java
/** * @Description: SM4对称加解密算法中的模式和padding方式枚举类 * @Author: wucheng * @CreateDate: 2020/2/16 16:39 */public enum SM4ModeAndPaddingEnum { SM4_ECB_NoPadding("SM4/ECB/NoPadding"), SM4_ECB_PKCS5Padding("SM4/ECB/PKCS5Padding"), SM4_ECB_PKCS7Padding("SM4/ECB/PKCS7Padding"), SM4_CBC_NoPadding("SM4/CBC/NoPadding"), SM4_CBC_PKCS5Padding("SM4/CBC/PKCS5Padding"), SM4_CBC_PKCS7Padding("SM4/CBC/PKCS7Padding"); private String name; SM4ModeAndPaddingEnum(String name) { this.name = name; } public String getName() { return name; } }