1 maven工程引入以下依赖
<!-- BC包,若jdk为1.8以下可替换对应版本及artifactId-->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk18on</artifactId>
<version>1.78.1</version>
</dependency>
2 SM2工具类
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import java.security.*;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
public class SM2Util {
static {
Security.addProvider(new BouncyCastleProvider());
}
// 生成SM2密钥对
public static KeyPair generateKeyPair() {
try{
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
keyPairGenerator.initialize(new ECGenParameterSpec("sm2p256v1"));
return keyPairGenerator.generateKeyPair();
} catch (Exception e) {
//TODO 做异常处理
}
}
// 加密
public static byte[] encrypt(byte[] publicKey, byte[] data) {
try{
PublicKey pubKey = KeyFactory.getInstance("EC", "BC")
.generatePublic(new X509EncodedKeySpec(publicKey));
Cipher cipher = Cipher.getInstance("SM2", "BC");
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
return cipher.doFinal(data);
} catch (Exception e) {
//TODO 做异常处理
}
}
// 解密
public static byte[] decrypt(byte[] privateKey, byte[] encryptedData) {
try{
PrivateKey priKey = KeyFactory.getInstance("EC", "BC")
.generatePrivate(new PKCS8EncodedKeySpec(privateKey));
Cipher cipher = Cipher.getInstance("SM2", "BC");
cipher.init(Cipher.DECRYPT_MODE, priKey);
return cipher.doFinal(encryptedData);
} catch (Exception e) {
//TODO 做异常处理
}
}
public static void main(String[] args) {
KeyPair keyPair = generateKeyPair();
byte[] a = keyPair.getPublic().getEncoded();
byte[] b = keyPair.getPrivate().getEncoded();
}
}
3 SM4工具类
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import java.security.Security;
public class SM4Util {
static {
Security.addProvider(new BouncyCastleProvider());
}
// 生成SM4密钥
public static byte[] generateKey() {
try{
KeyGenerator keyGenerator = KeyGenerator.getInstance("SM4", "BC");
keyGenerator.init(128); // 可选 128 或 256
SecretKey secretKey = keyGenerator.generateKey();
return secretKey.getEncoded();
} catch (Exception e) {
//TODO 处理异常
}
}
// 加密
public static byte[] encrypt(byte[] keyBytes, byte[] data) {
try{
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "SM4");
Cipher cipher = Cipher.getInstance("SM4/ECB/PKCS5Padding", "BC");
cipher.init(Cipher.ENCRYPT_MODE, keySpec);
return cipher.doFinal(data);
} catch (Exception e) {
//TODO 处理异常
}
}
// 解密
public static byte[] decrypt(byte[] keyBytes, byte[] encryptedData) {
try{
SecretKeySpec keySpec = new SecretKeySpec(keyBytes, "SM4");
Cipher cipher = Cipher.getInstance("SM4/ECB/PKCS5Padding", "BC");
cipher.init(Cipher.DECRYPT_MODE, keySpec);
return cipher.doFinal(encryptedData);
} catch (Exception e) {
//TODO 处理异常
}
}
}
4 Hmac-sm3工具类
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.crypto.digests.SM3Digest;
import org.bouncycastle.crypto.macs.HMac;
import org.bouncycastle.crypto.params.KeyParameter;
import java.security.SecureRandom;
public class HmacSM3Util {
/**
* 计算 HMAC-SM3
*
* @param key 密钥
* @param data 数据
* @return HMAC-SM3 值
*/
public static byte[] hmacSM3(byte[] key, byte[] data) {
HMac hmac = new HMac(new SM3Digest());
hmac.init(new KeyParameter(key));
hmac.update(data, 0, data.length);
byte[] result = new byte[hmac.getMacSize()];
hmac.doFinal(result, 0);
return result;
}
/**
* 生成指定长度的随机密钥
*
* @param length 密钥长度(字节)
* @return 随机生成的密钥
*/
public static byte[] generateRandomKey(int length) {
SecureRandom random = new SecureRandom();
byte[] key = new byte[length];
random.nextBytes(key);
return key;
}
// 示例用法
public static void main(String[] args) {
// 生成随机密钥
byte[] key = generateRandomKey(16); // 16字节长度的随机密钥
// 待计算的数据
byte[] data = "Hello, HMAC-SM3!".getBytes();
// 计算 HMAC-SM3 值
byte[] hmacValue = hmacSM3(key, data);
}
}
