
Comments (10)

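lpilp commented on August 13, 2024

If the algorithm is unchanged and only the curve is different, it should be fine. Change the parameters in src/ecc/Sm2Curve.php to the new curve's parameters, six in total: p, a, b, order, plus the base point's x and y.
Also, in src/sm/RtSm2.php, for asymmetric encryption I have a parameter for whether to use a fixed foreign key; replace the foreignKey public/private key strings there with ones for the new curve. If you only need signatures, changing the curve parameters in src/ecc/Sm2Curve.php should be enough.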

from phpsm2sm3sm4.

lpilp commented on August 13, 2024

```php
public function curve256r1(): NamedCurveFp
{
    // secp256r1 field prime p and curve coefficients a, b
    $p = gmp_init('0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF', 16);
    $a = gmp_init('0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC', 16);
    $b = gmp_init('0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B', 16);

    $parameters = new CurveParameters(256, $p, $a, $b);

    return new NamedCurveFp(self::NAME_SECP_256R1, $parameters, $this->adapter);
}

/**
 * @param RandomNumberGeneratorInterface $randomGenerator
 * @return GeneratorPoint
 */
public function generator256r1(RandomNumberGeneratorInterface $randomGenerator = null): GeneratorPoint
{
    $curve = $this->curve256r1();

    // Group order and base point coordinates (x, y)
    $order = gmp_init('0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551', 16);
    $x = gmp_init('0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296', 16);
    $y = gmp_init('0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5', 16);

    return $curve->getGenerator($x, $y, $order, $randomGenerator);
}
```

Are these the parameters? Changing them should be enough.


liuende501 commented on August 13, 2024

OK, thanks, I'll give it a try.


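lpilp commented on August 13, 2024

> OK, thanks, I'll give it a try.

However, I looked into it, and it seems the national-standard SM2 has only that one curve. Where is this use of secp256r1 described? Do you have a link? secp256r1 is just one of the curves used in ordinary ECC algorithms.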


liuende501 commented on August 13, 2024

I saw it described here: https://github.com/xjfuuu/SM2_SM3_SM4Encrypt
[image]

Then I checked the public key provided by the third party with `openssl ec -noout -text -pubin -in sub.pem`, and it looks like this:
[image]

The library used by the demo


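lpilp commented on August 13, 2024

That is using the secp256r1 curve as the SM2 curve. The official curve has OID 1.2.156.10197.1.301, which is the one in my code. If both sides use the same curve, they can sign and verify each other's signatures. But the curve used in finance and similar industries today is the official one with OID 1.2.156.10197.1.301. I looked at that project's source code, and the image in its README is wrong. Probably the author could not find the OID of the SM2 curve at the time and used the secp256 one. The source code clearly uses the official curve, so I don't know how he arrived at secp256r1: https://github.com/xjfuuu/SM2_SM3_SM4Encrypt/blob/master/src/main/java/cn/xjfme/encrypt/utils/sm2/SM2.java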


liuende501 commented on August 13, 2024

Hello, you mentioned above replacing the foreignKey public/private key strings with ones for the new curve. Could you explain in more detail how to do that?


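lpilp commented on August 13, 2024

Each encryption generates an intermediate key pair, and the public key of that pair is the C1 value of the ciphertext. Generating a temporary key pair for every encryption reduces performance. In theory, using a fixed key pair lowers the difficulty of breaking it, and a fixed string then always encrypts to the same value; if the intermediate key pair is not fixed, the same string encrypts to a different value every time. By default my code generates a new one each time, controlled by the parameter `$useDerandomizedEncrypt = false;`. When it is true, the foreignKey is used as the temporary key pair every time. For that key pair, just run the key-pair generation in test/tsm2.php, generate a pair, and swap it in. The key pair in the code was generated with the standard curve; if you want to use secp256, you have to generate a new pair, otherwise the curves do not match and it fails. Of course, if `$useDerandomizedEncrypt` is false, it doesn't matter.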


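liuende501 commented on August 13, 2024

I tested that. The default is false, and after replacing only the parameters above, the length of the result is wrong: it is 253, an odd number. I'll take another look.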


lpilp commented on August 13, 2024

With my code it should be even. The final hex length is 128 (C1) + 64 (C3) + strlen($str) * 2 hex digits.

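The two checks discussed in this thread (which curve a point belongs to, and whether a ciphertext has the expected hex length) can be run mechanically. The Python below is an added example, not code from phpsm2sm3sm4 or from either commenter. Its function names are hypothetical, the SM2 parameters are the standard curve's values (they do not appear on this page), and it assumes C1 is the first 128 hex digits (x then y, no prefix byte).

```python
import string

SM2 = "sm2 (OID 1.2.156.10197.1.301)"
# (p, a, b, Gx, Gy). The secp256r1 values are the ones quoted in the thread;
# the SM2 values are the standard curve's parameters (assumption: not on this page).
CURVES = {
    SM2: (
        0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFF,
        0xFFFFFFFE_FFFFFFFF_FFFFFFFF_FFFFFFFF_FFFFFFFF_00000000_FFFFFFFF_FFFFFFFC,
        0x28E9FA9E_9D9F5E34_4D5A9E4B_CF6509A7_F39789F5_15AB8F92_DDBCBD41_4D940E93,
        0x32C4AE2C_1F198119_5F990446_6A39C994_8FE30BBF_F2660BE1_715A4589_334C74C7,
        0xBC3736A2_F4F6779C_59BDCEE3_6B692153_D0A9877C_C62A4740_02DF32E5_2139F0A0,
    ),
    "secp256r1": (
        0xFFFFFFFF_00000001_00000000_00000000_00000000_FFFFFFFF_FFFFFFFF_FFFFFFFF,
        0xFFFFFFFF_00000001_00000000_00000000_00000000_FFFFFFFF_FFFFFFFF_FFFFFFFC,
        0x5AC635D8_AA3A93E7_B3EBBD55_769886BC_651D06B0_CC53B0F6_3BCE3C3E_27D2604B,
        0x6B17D1F2_E12C4247_F8BCE6E5_63A440F2_77037D81_2DEB33A0_F4A13945_D898C296,
        0x4FE342E2_FE1A7F9B_8EE7EB4A_7C0F9E16_2BCE3357_6B315ECE_CBB64068_37BF51F5,
    ),
}

def curves_containing(x, y):
    """Names of the curves on which (x, y) satisfies y^2 = x^3 + a*x + b (mod p)."""
    return [name for name, (p, a, b, _, _) in CURVES.items()
            if 0 <= x < p and 0 <= y < p
            and (y * y - (x * x * x + a * x + b)) % p == 0]

def check_ciphertext(cipher_hex, plaintext_len, expected=SM2):
    """List the problems found in a hex ciphertext laid out as C1 (x||y), C3, C2."""
    if not cipher_hex or set(cipher_hex) - set(string.hexdigits):
        return ["not a hex string"]
    problems = []
    want = 128 + 64 + 2 * plaintext_len  # length formula given in the thread
    if len(cipher_hex) % 2:
        problems.append("odd hex length %d" % len(cipher_hex))
    if len(cipher_hex) != want:
        problems.append("length %d, expected %d" % (len(cipher_hex), want))
    if len(cipher_hex) >= 128:
        x, y = int(cipher_hex[:64], 16), int(cipher_hex[64:128], 16)
        found = curves_containing(x, y)
        if expected not in found:
            problems.append("C1 not on %s; on %s" % (expected, found or "no listed curve"))
    return problems

def sample_ciphertext(curve, plaintext):
    """Constructed sample: C1 is the curve's base point, C3 is zeroed, C2 is the plaintext."""
    gx, gy = CURVES[curve][3:]
    return "%064x%064x" % (gx, gy) + "00" * 32 + plaintext.hex()
```

`curves_containing` can also be fed the x and y of a peer's public key, taken from the `openssl ec -text` output, to see which of the two curves it was generated on.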
