1# 使用SM4对称密钥(GCM模式)分段加解密(ArkTS) 2 3<!--Kit: Crypto Architecture Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @zxz--3--> 6<!--Designer: @lanming--> 7<!--Tester: @PAFT--> 8<!--Adviser: @zengyawen--> 9 10对应的算法规格请查看[对称密钥加解密算法规格:SM4](crypto-sym-encrypt-decrypt-spec.md#sm4)。 11 12**加密** 13 141. 调用[cryptoFramework.createSymKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesymkeygenerator)、[SymKeyGenerator.generateSymKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesymkey-1),生成密钥算法为SM4、密钥长度为128位的对称密钥(SymKey)。 15 16 如何生成SM4对称密钥,开发者可参考下文示例,并结合[对称密钥生成和转换规格:SM4](crypto-sym-key-generation-conversion-spec.md#sm4)和[随机生成对称密钥](crypto-generate-sym-key-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。 17 182. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'SM4_128|GCM|PKCS7',创建对称密钥类型为SM4_128、分组模式为GCM、填充模式为PKCS7的Cipher实例,用于完成加密操作。 19 203. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为加密(CryptoMode.ENCRYPT_MODE),指定加密密钥(SymKey)和GCM模式对应的加密参数(GcmParamsSpec),初始化加密Cipher实例。 21 224. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(明文)。 23 24 - 当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。 25 - 建议开发者对每次update的结果都判断是否为null,并在结果不为null时取出其中的数据进行拼接,形成完整的密文。因为在不同的规格下,update的结果可能会受到不同影响。 26 27 1)比如ECB和CBC模式,始终以分组作为基本单位来加密,并输出本次update产生的加密分组结果。即当本次update操作凑满一个分组就输出密文,没有凑满则此次update输出null,将未加密的数据与下次输入的数据拼接凑分组再输出。等到最后doFinal的时候,将未加密的数据,根据指定的填充模式进行填充,再输出剩余加密结果。解密过程中的update同理。 28 29 2)对于流加密模式(比如CTR和OFB模式),通常密文长度和明文长度相等。 30 315. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取加密后的数据。 32 33 - 由于已使用update传入数据,此处data传入null。 34 - doFinal输出结果可能为null,在访问具体数据前,需要先判断结果是否为null,避免产生异常。 35 366. 读取[GcmParamsSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#gcmparamsspec).authTag作为解密的认证信息。 37 38 在GCM模式下,需要从加密后的数据中取出末尾16字节,作为解密时初始化的认证信息。示例中authTag恰好为16字节。 39 40**解密** 41 421. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'SM4_128|GCM|PKCS7',创建对称密钥类型为SM4_128、分组模式为GCM、填充模式为PKCS7的Cipher实例,用于完成解密操作。 43 442. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为解密(CryptoMode.DECRYPT_MODE),指定解密密钥(SymKey)和GCM模式对应的解密参数(GcmParamsSpec),初始化解密Cipher实例。 45 463. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(密文)。 47 484. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取解密后的数据。 49 50- 异步方法示例: 51 52 ```ts 53 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 54 import { buffer } from '@kit.ArkTS'; 55 56 function generateRandom(len: number) { 57 let rand = cryptoFramework.createRandom(); 58 let generateRandSync = rand.generateRandomSync(len); 59 return generateRandSync; 60 } 61 62 function genGcmParamsSpec() { 63 let ivBlob = generateRandom(12); 64 let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes 65 let dataAad = new Uint8Array(arr); 66 let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 67 arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes 68 let dataTag = new Uint8Array(arr); 69 let tagBlob: cryptoFramework.DataBlob = { 70 data: dataTag 71 }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption. 72 let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 73 iv: ivBlob, 74 aad: aadBlob, 75 authTag: tagBlob, 76 algName: "GcmParamsSpec" 77 }; 78 return gcmParamsSpec; 79 } 80 let gcmParams = genGcmParamsSpec(); 81 // 分段加密消息。 82 async function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 83 let cipher = cryptoFramework.createCipher('SM4_128|GCM|PKCS7'); 84 await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 85 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 86 let cipherText = new Uint8Array(); 87 for (let i = 0; i < plainText.data.length; i += updateLength) { 88 let updateMessage = plainText.data.subarray(i, i + updateLength); 89 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 90 // 分段update。 91 let updateOutput = await cipher.update(updateMessageBlob); 92 // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式。 93 // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)。 94 let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length); 95 mergeText.set(cipherText); 96 mergeText.set(updateOutput.data, cipherText.length); 97 cipherText = mergeText; 98 } 99 gcmParams.authTag = await cipher.doFinal(null); 100 let cipherBlob: cryptoFramework.DataBlob = { data: cipherText }; 101 return cipherBlob; 102 } 103 // 分段解密消息。 104 async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 105 let decoder = cryptoFramework.createCipher('SM4_128|GCM|PKCS7'); 106 await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams); 107 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 108 let decryptText = new Uint8Array(); 109 for (let i = 0; i < cipherText.data.length; i += updateLength) { 110 let updateMessage = cipherText.data.subarray(i, i + updateLength); 111 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 112 // 分段update。 113 let updateOutput = await decoder.update(updateMessageBlob); 114 // 把update的结果拼接起来,得到明文。 115 let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length); 116 mergeText.set(decryptText); 117 mergeText.set(updateOutput.data, decryptText.length); 118 decryptText = mergeText; 119 } 120 let decryptData = await decoder.doFinal(null); 121 if (decryptData === null) { 122 console.info('GCM decrypt success, decryptData is null'); 123 } 124 let decryptBlob: cryptoFramework.DataBlob = { data: decryptText }; 125 return decryptBlob; 126 } 127 async function genSymKeyByData(symKeyData: Uint8Array) { 128 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 129 let sm4Generator = cryptoFramework.createSymKeyGenerator('SM4_128'); 130 let symKey = await sm4Generator.convertKey(symKeyBlob); 131 console.info('convertKey success'); 132 return symKey; 133 } 134 async function sm4() { 135 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 136 let symKey = await genSymKeyByData(keyData); 137 let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节。 138 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 139 let encryptText = await encryptMessageUpdateBySegment(symKey, plainText); 140 let decryptText = await decryptMessagePromise(symKey, encryptText); 141 if (plainText.data.toString() === decryptText.data.toString()) { 142 console.info('decrypt ok'); 143 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 144 } else { 145 console.error('decrypt failed'); 146 } 147 } 148 ``` 149 150- 同步方法示例: 151 152 ```ts 153 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 154 import { buffer } from '@kit.ArkTS'; 155 156 function generateRandom(len: number) { 157 let rand = cryptoFramework.createRandom(); 158 let generateRandSync = rand.generateRandomSync(len); 159 return generateRandSync; 160 } 161 162 function genGcmParamsSpec() { 163 let ivBlob = generateRandom(12); // 12 bytes 164 let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes 165 let dataAad = new Uint8Array(arr); 166 let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 167 arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes 168 let dataTag = new Uint8Array(arr); 169 let tagBlob: cryptoFramework.DataBlob = { 170 data: dataTag 171 }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption. 172 let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 173 iv: ivBlob, 174 aad: aadBlob, 175 authTag: tagBlob, 176 algName: "GcmParamsSpec" 177 }; 178 return gcmParamsSpec; 179 } 180 let gcmParams = genGcmParamsSpec(); 181 // 分段加密消息。 182 function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 183 let cipher = cryptoFramework.createCipher('SM4_128|GCM|PKCS7'); 184 cipher.initSync(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 185 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 186 let cipherText = new Uint8Array(); 187 for (let i = 0; i < plainText.data.length; i += updateLength) { 188 let updateMessage = plainText.data.subarray(i, i + updateLength); 189 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 190 // 分段update。 191 let updateOutput = cipher.updateSync(updateMessageBlob); 192 // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式。 193 // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)。 194 let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length); 195 mergeText.set(cipherText); 196 mergeText.set(updateOutput.data, cipherText.length); 197 cipherText = mergeText; 198 } 199 gcmParams.authTag = cipher.doFinalSync(null); 200 let cipherBlob: cryptoFramework.DataBlob = { data: cipherText }; 201 return cipherBlob; 202 } 203 // 分段解密消息。 204 function decryptMessage(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 205 let decoder = cryptoFramework.createCipher('SM4_128|GCM|PKCS7'); 206 decoder.initSync(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams); 207 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 208 let decryptText = new Uint8Array(); 209 for (let i = 0; i < cipherText.data.length; i += updateLength) { 210 let updateMessage = cipherText.data.subarray(i, i + updateLength); 211 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 212 // 分段update。 213 let updateOutput = decoder.updateSync(updateMessageBlob); 214 // 把update的结果拼接起来,得到明文。 215 let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length); 216 mergeText.set(decryptText); 217 mergeText.set(updateOutput.data, decryptText.length); 218 decryptText = mergeText; 219 } 220 let decryptData = decoder.doFinalSync(null); 221 if (decryptData === null) { 222 console.info('GCM decrypt success, decryptData is null'); 223 } 224 let decryptBlob: cryptoFramework.DataBlob = { data: decryptText }; 225 return decryptBlob; 226 } 227 function genSymKeyByData(symKeyData: Uint8Array) { 228 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 229 let sm4Generator = cryptoFramework.createSymKeyGenerator('SM4_128'); 230 let symKey = sm4Generator.convertKeySync(symKeyBlob); 231 console.info('convertKeySync success'); 232 return symKey; 233 } 234 function main() { 235 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 236 let symKey = genSymKeyByData(keyData); 237 let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节。 238 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 239 let encryptText = encryptMessageUpdateBySegment(symKey, plainText); 240 let decryptText = decryptMessage(symKey, encryptText); 241 if (plainText.data.toString() === decryptText.data.toString()) { 242 console.info('decrypt ok'); 243 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 244 } else { 245 console.error('decrypt failed'); 246 } 247 } 248 249 ``` 250