当前位置: 首页>移动开发>正文

iOS使用Gmssl实现SM2证书签名验签

如果没有编译gmssl,可以看下: iOS 编译Gmssl

编译好iOS可以用的Gmssl静态库之后,需要在Gmssl-Master文件中将需要用的openssl文件导入到工程,两个.a静态库


iOS使用Gmssl实现SM2证书签名验签,第1张
图片.png

如果提示openssl的一些文件找不到,需要在Build Setting里设置Header Search Paths路径:

例如: "$(SRCROOT)/SM2OC/gmssl/include"

注意:sm2文件里面有个sm2test的文件,是用来测试sm2签名验签、加密解密等,如果程序运行出错,需要将里面的main函数删除或者注释,上图已经删除.

签名代码:

#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "e_os.h"
#include "sm2ToOC.h"
#include "string.h"
# include <openssl/bn.h>
# include <openssl/ec.h>
# include <openssl/evp.h>
# include <openssl/rand.h>
# include <openssl/engine.h>
# include <openssl/sm2.h>
# include "sm2_lcl.h"
# include "pkcs12.h"


# define VERBOSE 1

RAND_METHOD fake_rand;
const RAND_METHOD *old_rand;

static const char *rnd_number = NULL;
 int fbytes(unsigned char *buf, int num)
{
    int ret = 0;
    BIGNUM *bn = NULL;

    if (!BN_hex2bn(&bn, rnd_number)) {
        goto end;
    }
    if (BN_num_bytes(bn) > num) {
        goto end;
    }
    memset(buf, 0, num);
    if (!BN_bn2bin(bn, buf + num - BN_num_bytes(bn))) {
        goto end;
    }
    ret = 1;
end:
    BN_free(bn);
    return ret;
}

 int change_rand(const char *hex)
{
    if (!(old_rand = RAND_get_rand_method())) {
        return 0;
    }

    fake_rand.seed        = old_rand->seed;
    fake_rand.cleanup    = old_rand->cleanup;
    fake_rand.add        = old_rand->add;
    fake_rand.status    = old_rand->status;
    fake_rand.bytes        = fbytes;
    fake_rand.pseudorand    = old_rand->bytes;

    if (!RAND_set_rand_method(&fake_rand)) {
        return 0;
    }

    rnd_number = hex;
    return 1;
}

 int restore_rand(void)
{
    rnd_number = NULL;
    if (!RAND_set_rand_method(old_rand))
        return 0;
    else    return 1;
}

 EC_GROUP *new_ec_group(int is_prime_field,
                              const char *p_hex, const char *a_hex, const char *b_hex,
                              const char *x_hex, const char *y_hex, const char *n_hex, const char *h_hex)
{
    int ok = 0;
    EC_GROUP *group = NULL;
    BN_CTX *ctx = NULL;
    BIGNUM *p = NULL;
    BIGNUM *a = NULL;
    BIGNUM *b = NULL;
    BIGNUM *x = NULL;
    BIGNUM *y = NULL;
    BIGNUM *n = NULL;
    BIGNUM *h = NULL;
    EC_POINT *G = NULL;
    point_conversion_form_t form = SM2_DEFAULT_POINT_CONVERSION_FORM;
    int flag = 0;

    if (!(ctx = BN_CTX_new())) {
        goto err;
    }

    if (!BN_hex2bn(&p, p_hex) ||
        !BN_hex2bn(&a, a_hex) ||
        !BN_hex2bn(&b, b_hex) ||
        !BN_hex2bn(&x, x_hex) ||
        !BN_hex2bn(&y, y_hex) ||
        !BN_hex2bn(&n, n_hex) ||
        !BN_hex2bn(&h, h_hex)) {
        goto err;
    }

    if (is_prime_field) {
        if (!(group = EC_GROUP_new_curve_GFp(p, a, b, ctx))) {
            goto err;
        }
        if (!(G = EC_POINT_new(group))) {
            goto err;
        }
        if (!EC_POINT_set_affine_coordinates_GFp(group, G, x, y, ctx)) {
            goto err;
        }
    } else {
        if (!(group = EC_GROUP_new_curve_GF2m(p, a, b, ctx))) {
            goto err;
        }
        if (!(G = EC_POINT_new(group))) {
            goto err;
        }
        if (!EC_POINT_set_affine_coordinates_GF2m(group, G, x, y, ctx)) {
            goto err;
        }
    }

    if (!EC_GROUP_set_generator(group, G, n, h)) {
        goto err;
    }

    EC_GROUP_set_asn1_flag(group, flag);
    EC_GROUP_set_point_conversion_form(group, form);

    ok = 1;
err:
    BN_CTX_free(ctx);
    BN_free(p);
    BN_free(a);
    BN_free(b);
    BN_free(x);
    BN_free(y);
    BN_free(n);
    BN_free(h);
    EC_POINT_free(G);
    if (!ok && group) {
        ERR_print_errors_fp(stderr);
        EC_GROUP_free(group);
        group = NULL;
    }

    return group;
}

 EC_KEY *new_ec_key(const EC_GROUP *group,
                          const char *sk, const char *xP, const char *yP,
                          const char *id, const EVP_MD *id_md)
{
    int ok = 0;
    EC_KEY *ec_key = NULL;
    BIGNUM *d = NULL;
    BIGNUM *x = NULL;
    BIGNUM *y = NULL;

    OPENSSL_assert(group);
    OPENSSL_assert(xP);
    OPENSSL_assert(yP);

    if (!(ec_key = EC_KEY_new())) {
        goto end;
    }
    if (!EC_KEY_set_group(ec_key, group)) {
        goto end;
    }

    if (sk) {
        if (!BN_hex2bn(&d, sk)) {
            goto end;
        }
        if (!EC_KEY_set_private_key(ec_key, d)) {
            goto end;
        }
    }

    if (xP && yP) {
        if (!BN_hex2bn(&x, xP)) {
            goto end;
        }
        if (!BN_hex2bn(&y, yP)) {
            goto end;
        }
        if (!EC_KEY_set_public_key_affine_coordinates(ec_key, x, y)) {
            goto end;
        }
    }

    /*
     if (id) {
     if (!SM2_set_id(ec_key, id, id_md)) {
     goto end;
     }
     }
     */

    ok = 1;
end:
    if (d) BN_free(d);
    if (x) BN_free(x);
    if (y) BN_free(y);
    if (!ok && ec_key) {
        ERR_print_errors_fp(stderr);
        EC_KEY_free(ec_key);
        ec_key = NULL;
    }
    return ec_key;
}



 int JZYT_sm2_sign(const EC_GROUP *group,
                         const char *sk, const char *xP, const char *yP,
                         const char *id, const char *Z,
                         const char *M, const char *e,
                         const char *k, const char *r, const char *s,unsigned char * signedData, unsigned long * pulSigLen)
{
    int ret = 0;
    int verbose = VERBOSE;
    const EVP_MD *id_md = EVP_sm3();
    const EVP_MD *msg_md = EVP_sm3();
    int type = NID_undef;
    unsigned char dgst[EVP_MAX_MD_SIZE];
    size_t dgstlen;
    unsigned char sig[256];
    unsigned int siglen;
    const unsigned char *p;
    EC_KEY *ec_key = NULL;
    EC_KEY *pubkey = NULL;
    ECDSA_SIG *sm2sig = NULL;
    BIGNUM *rr = NULL;
    BIGNUM *ss = NULL;
    const BIGNUM *sig_r;
    const BIGNUM *sig_s;

    change_rand(k);

    if (!(ec_key = new_ec_key(group, sk, xP, yP, id, id_md))) {
        fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
        goto err;
    }

    if (verbose > 1) {
        EC_KEY_print_fp(stdout, ec_key, 4);
    }

    dgstlen = sizeof(dgst);

    if (!SM2_compute_id_digest(id_md, id, strlen(id), dgst, &dgstlen, ec_key)) {
        fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
        goto err;
    }


    if (verbose > 1) {
        int j;
        printf("id=%s\n", id);
        printf("zid(xx):");
        for (j = 0; j < dgstlen; j++) { printf("%02x", dgst[j]); } printf("\n");
    }

    dgstlen = sizeof(dgst);
    if (!SM2_compute_message_digest(id_md, msg_md,
                                    (const unsigned char *)M, strlen(M), id, strlen(id),
                                    dgst, &dgstlen, ec_key)) {
        fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
        goto err;
    }

    /* sign */
    siglen = sizeof(sig);
    if (!SM2_sign(type, dgst, dgstlen, sig, &siglen, ec_key)) {
        fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
        goto err;
    }

    memcpy(signedData, sig, siglen);
    * pulSigLen = siglen;
    p = sig;
    if (!(sm2sig = d2i_ECDSA_SIG(NULL, &p, siglen))) {
        fprintf(stderr, "error: %s %d\n", __FUNCTION__, __LINE__);
        goto err;
    }

    ECDSA_SIG_get0(sm2sig, &sig_r, &sig_s);


    ret = 1;
err:
    restore_rand();
    if (ec_key) EC_KEY_free(ec_key);
    if (pubkey) EC_KEY_free(pubkey);
    if (sm2sig) ECDSA_SIG_free(sm2sig);
    if (rr) BN_free(rr);
    if (ss) BN_free(ss);
    return ret;
}

EC_GROUP 是代表你使用的sm2算法的曲线参数,我这边使用的官方推荐的:

EC_GROUP *sm2p256real = new_ec_group(1,
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF",
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC",
"28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93",
"32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7",
"BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0",
"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123", "1");

觉得有必要说明一下签名方法各个参数的意思:

    unsigned char result[72] = {0};
    unsigned long outlen = 64;
    if (!JZYT_sm2_sign(sm2p256real,
                       [sm2PrivateKey cStringUsingEncoding:NSUTF8StringEncoding],
                       [px cStringUsingEncoding:NSUTF8StringEncoding],
                       [py cStringUsingEncoding:NSUTF8StringEncoding],
                       [uid cStringUsingEncoding:NSUTF8StringEncoding],
                       "",
                       [str cStringUsingEncoding:NSUTF8StringEncoding],
                       "",
                       [[SM2_SignIdtoken ret32bitString] cStringUsingEncoding:NSUTF8StringEncoding],
                       "",
                       "",(unsigned char *)result,&outlen)) {

        printf("签名失败\n");
        return @"";
    } else {
        printf("签名成功\n");
        NSData *data = [NSData dataWithBytes:result length:outlen];
        NSLog(@"%@",data);
           }

1: 曲线参数,
2: 私钥,
3、4: px 和py 是公钥都是32位,
5: uid是可以识别的用户标识,这个参数要前后台一致才可以验签,用来生成摘要部分,
6: 我这里传的是空值,不影响签名,
7: 是待签名的数据
8: 也传的是空值,不影响签名,
9: 是一个随机数,保证你每次签名都不一样
10、11: 是签名结果,这个里没有用验签可以不传

签名结果示例:

30:46:02:21:00:c5:b9:14:f4:66:78:d5:c5:1e:d7:d4:d9:0e:31:fa:67:2e:24:04
:2b:d5:f2:f0:47:f6:92:bc:90:93:fa:b2:d1:02:21:00:ed:e9:b6:28:c2:be:66:0c
:20:1b:6b:b7:57:3f:c8:c2:90:5a:80:d1:15:e6:7a:c6:cb:d6:27:86:c6:b9:80:76

注意: SM2签名出来是一个点,包含两个变量,每个变量是32位,合计64位这是没有问题的,我们看到的签名,转为16进制,以我上面的例子,

c5:b9:14:f4:66:78:d5:c5:1e:d7:d4:d9:0e:31:fa:67:2e:24:04:2b:d5:f2:f0:47
:f6:92:bc:90:93:fa:b2:d1
ed:e9:b6:28:c2:be:66:0c:20:1b:6b:b7:57:3f:c8:c2:90:5a:80:d1:15:e6:7a:c6
:cb:d6:27:86:c6:b9:80:76

这个64位就是这个64位点,开始的30:46:02:21:00和中间部分02:21:00是根据标准添加的附加字段,合起来就是你看到的72位,这个72位不是固定的,根据标准的附加字段规定,还可能是70和71位

demo下载地址: https://github.com/lbw19910619/lbw_sm2_sign


https://www.xamrdz.com/mobile/4t51848726.html

相关文章: