HarmonyOS 鸿蒙Next中国密加解密
HarmonyOS 鸿蒙Next中国密加解密 有相关的国密加解密的demo吗,主要涉及到sm4加解密、sm2、sm3 签名及验签,主要一些数据格式的转化不熟练,希望能提供个demo 接口国密加密入参,回参解密需要
4 回复
以下是SM4加解密开发指南以及demo,SM2加解密、验签开发指南以及demo链接:
- SM2加密使用指南:https://developer.huawei.com/consumer/cn/doc/harmonyos-guides-V5/crypto-sm2-asym-encrypt-decrypt-V5
- SM2密钥对签名验签:https://developer.huawei.com/consumer/cn/doc/harmonyos-guides-V5/crypto-sm2-sign-sig-verify-pkcs1-V5
- SM4加密使用指南:https://developer.huawei.com/consumer/cn/doc/harmonyos-guides-V5/crypto-sm4-sym-encrypt-decrypt-ecb-V5
- 加解密算法库框架API文档:https://developer.huawei.com/consumer/cn/doc/harmonyos-references-V5/js-apis-cryptoframework-V5
关于ArkTS使用加解密时进行数据处理,可以参考以下demo:
import { systemDateTime } from '@kit.BasicServicesKit';
import { HashMap } from '@ohos.util.HashMap';
import { ArrayList, TreeMap, util } from '@kit.ArkTS';
private chnlId: string = "B2D051287CCC440AA35AC8A3A1A25DF7";
private sm4Key: string = "B43FEB3A704F41DAAB06C2129AFBEAB6";
private prvkey: string = "AIMA5mO+UsEIZwa+8SWiOr9YEPot2+pJzXM0NIDE5G0F";
private pubkey: string = "BH4K0o+TX/WyspBF7kI5vmHx7Q9RyUY58DjPgXxHnWzG9W9ECgpAQvmTKD+zKect9di4zfzSDc37saAJFL/EWxI=";
private version: string = "1.0.0";
private encType: string = "SM4";
private signType: string = "plain";
private ignoreSign: string[] = ['signData', 'encData', 'extra'];
// map用例 HashMap<string, string|number>,这里value数据类型使用 string|number ,可根据需求指定数据类型,ArtTS不支持泛型(比如TS中的any、unknown等)
function encryptMsg2(body: string): HashMap<string, string|number> {
let map = new HashMap<string, string|number>();
map.set("data", body);
map.set("appId", this.chnlId);
map.set("encType", this.encType);
map.set("signType", this.signType);
map.set("timestamp", systemDateTime.getTime());
map.set("version", this.version);
// 签名
let signData: string = this.signature(map, this.sm4Key, this.prvkey);
map.remove("data");
map.set("signData", signData);
map.set("encData", body);
return map;
}
function signature(map: HashMap<string, string|number>, sm4Key: string, prvkey: string): string {
let base64Helper = new util.Base64Helper();
let byteArr: Array<number> = [];
try {
byteArr = this.getSignText(map, sm4Key);
} catch (err) {
byteArr = this.stringToArray(JSON.stringify(this.mapIterator(map)));
}
let chnlSecretByte = this.stringToArray(sm4Key);
let prvkeyTemp: Uint8Array = base64Helper.decodeSync(prvkey);
// return base64Helper.encodeToStringSync( this.signSm3WithSm2(byteArr,chnlSecretByte,prvkeyTemp) )
return "";
}
function signSm3WithSm2(byteArr: Array<number>, chnlSecretByte: Array<number>, prvkeyTemp: Uint8Array) {
// 无具体代码实现
return new Uint8Array();
}
// Record没有hashmap这么灵活的操作方法,hashmap没有 Record 对象转换JSON串的优势,对应JAVA中如果需要将数据转换字符串处理使用Record
// 遍历map集合,去空值,并且生成一个Record对象(对应JAVA中JSONObject,可转换成类似于JSON串或者JSON对象的操作)
function mapIterator(map: HashMap<string, string|number>) {
let record: Record<string, string|number> = {};
try {
let iter = map.keys();
let temp: IteratorResult<string> = iter.next();
while (!temp.done) {
let key = temp.value;
let value = map.get(key);
if (value) { // 简单判空
record[key] = value;
}
temp = iter.next();
}
} catch (err) {
console.log(err);
}
return record;
}
// 将string字符串转换成byte数组
function stringToArray(str: string) {
let arr: Array<number> = [];
for (let i = 0, j = str.length; i < j; ++i) {
arr.push(str.charCodeAt(i));
}
return arr;
}
function getSignText(map: HashMap<string, string|number>, appSecret: string): Array<number> {
let treeMap: TreeMap<string, string|number> = new TreeMap<string, string|number>();
// 1
let iter = map.keys();
let temp: IteratorResult<string> = iter.next();
while (!temp.done) {
let key = temp.value;
let value = map.get(key);
if (value && !this.ignoreSign.includes(key)) {
treeMap.set(key, value);
}
temp = iter.next();
}
// 2 treeMap自动将key做了升序排序,存入List时就是升序的内容
let strList: ArrayList<string|number> = new ArrayList<string|number>();
let iterTreeMap = treeMap.keys();
let tempTreeMap: IteratorResult<string> = iterTreeMap.next();
while (!tempTreeMap.done) {
let key = tempTreeMap.value;
let value = treeMap.get(key);
if (value) {
strList.add(key + "=" + value + "&");
}
tempTreeMap = iterTreeMap.next();
}
let strTemp = "";
for (let i = 0; i < strList.length; ++i) {
strTemp += strList[i];
}
strTemp += "key=" + appSecret;
return this.stringToArray(strTemp);
}
更多关于HarmonyOS 鸿蒙Next中国密加解密的实战系列教程也可以访问 https://www.itying.com/category-93-b0.html
HarmonyOS鸿蒙Next中的中国密加解密主要基于国家密码管理局(OSCCA)认证的加密算法,包括SM2、SM3、SM4等。SM2用于非对称加密和数字签名,SM3用于生成哈希值,SM4用于对称加密。鸿蒙Next提供了相应的API接口,开发者可以直接调用这些接口实现数据的加密、解密、签名和验证等功能。系统还支持硬件级别的安全加密,确保数据在传输和存储过程中的安全性。鸿蒙Next的密加解密模块符合中国国家密码标准,适用于金融、政务、物联网等对安全性要求较高的领域。
