修复 SM2 ECB 模式解密失败问题

deatil · Jun 4, 2024 · 4980464 · 4980464
1 parent 363a2ad
commit 4980464
Show file tree

Hide file tree

Showing 3 changed files with 38 additions and 31 deletions.
diff --git a/cryptobin/sm2/encryption.go b/cryptobin/sm2/encryption.go
@@ -4,6 +4,7 @@ import (
  "bytes"
  "errors"
  "crypto/rand"
+ "encoding/asn1"
 
  "github.com/deatil/go-cryptobin/gm/sm2"
 )
@@ -113,16 +114,16 @@ func (this SM2) EncryptECB() SM2 {
  endIndex = plainTextSize
  }
 
- enc := this.FromBytes(plainText[offSet:endIndex]).Encrypt()
+ enc := this.
+ FromBytes(plainText[offSet:endIndex]).
+ Encrypt()
 
  err := enc.Error()
  if err != nil {
  return this.AppendError(err)
  }
 
- bytesOnce := enc.ToBytes()
-
- buffer.Write(bytesOnce)
+ buffer.Write(enc.ToBytes())
  offSet = endIndex
  }
 
@@ -139,7 +140,16 @@ func (this SM2) DecryptECB() SM2 {
  }
 
  cipherText := this.data
- priSize, cipherTextSize := ecbSize, len(cipherText)
+
+ size := 32
+ if this.signHash != nil {
+ size = this.signHash().Size()
+ }
+
+ byteLen := (this.privateKey.Curve.Params().BitSize + 7) / 8
+
+ priSize := 1 + 2*byteLen + size + ecbSize
+ cipherTextSize := len(cipherText)
 
  offSet := 0
  buffer := bytes.Buffer{}
@@ -150,16 +160,16 @@ func (this SM2) DecryptECB() SM2 {
  endIndex = cipherTextSize
  }
 
- dec := this.FromBytes(cipherText[offSet:endIndex]).Decrypt()
+ dec := this.
+ FromBytes(cipherText[offSet:endIndex]).
+ Decrypt()
 
  err := dec.Error()
  if err != nil {
  return this.AppendError(err)
  }
 
- bytesOnce := dec.ToBytes()
-
- buffer.Write(bytesOnce)
+ buffer.Write(dec.ToBytes())
  offSet = endIndex
  }
 
@@ -189,16 +199,16 @@ func (this SM2) EncryptASN1ECB() SM2 {
  endIndex = plainTextSize
  }
 
- enc := this.FromBytes(plainText[offSet:endIndex]).EncryptASN1()
+ enc := this.
+ FromBytes(plainText[offSet:endIndex]).
+ EncryptASN1()
 
  err := enc.Error()
  if err != nil {
  return this.AppendError(err)
  }
 
- bytesOnce := enc.ToBytes()
-
- buffer.Write(bytesOnce)
+ buffer.Write(enc.ToBytes())
  offSet = endIndex
  }
 
@@ -215,28 +225,26 @@ func (this SM2) DecryptASN1ECB() SM2 {
  }
 
  cipherText := this.data
- priSize, cipherTextSize := ecbSize, len(cipherText)
 
- offSet := 0
  buffer := bytes.Buffer{}
+ for {
+ var part asn1.RawValue
+ cipherText, _ = asn1.Unmarshal(cipherText, &part)
 
- for offSet < cipherTextSize {
- endIndex := offSet + priSize
- if endIndex > cipherTextSize {
- endIndex = cipherTextSize
+ if cipherText == nil {
+ break
  }
 
- dec := this.FromBytes(cipherText[offSet:endIndex]).DecryptASN1()
+ dec := this.
+ FromBytes(part.FullBytes).
+ DecryptASN1()
 
  err := dec.Error()
  if err != nil {
  return this.AppendError(err)
  }
 
- bytesOnce := dec.ToBytes()
-
- buffer.Write(bytesOnce)
- offSet = endIndex
+ buffer.Write(dec.ToBytes())
  }
 
  this.parsedData = buffer.Bytes()

diff --git a/cryptobin/sm2/sm2_test.go b/cryptobin/sm2/sm2_test.go
@@ -1111,7 +1111,7 @@ func Test_SM2_EncryptECB(t *testing.T) {
  FromString(data).
  FromPrivateKeyBytes(sm2keyBytes).
  MakePublicKey().
- Encrypt()
+ EncryptECB()
  enData := en.ToBase64String()
 
  assertError(en.Error(), "Test_SM2_EncryptECB-Encrypt")
@@ -1120,13 +1120,13 @@ func Test_SM2_EncryptECB(t *testing.T) {
  de := sm2.
  FromBase64String(enData).
  FromPrivateKeyBytes(sm2keyBytes).
- Decrypt()
+ DecryptECB()
  deData := de.ToString()
 
  assertError(de.Error(), "Test_SM2_EncryptECB-Decrypt")
  assertNotEmpty(deData, "Test_SM2_EncryptECB-Decrypt")
 
- assertEqual(data, deData, "Test_SM2_EncryptECB-Dedata")
+ assertEqual(deData, data, "Test_SM2_EncryptECB-Dedata")
 }
 
 func Test_SM2_EncryptASN1ECB(t *testing.T) {
@@ -1147,7 +1147,7 @@ func Test_SM2_EncryptASN1ECB(t *testing.T) {
  FromString(data).
  FromPrivateKeyBytes(sm2keyBytes).
  MakePublicKey().
- EncryptASN1()
+ EncryptASN1ECB()
  enData := en.ToBase64String()
 
  assertError(en.Error(), "Test_SM2_EncryptASN1ECB-Encrypt")
@@ -1156,11 +1156,11 @@ func Test_SM2_EncryptASN1ECB(t *testing.T) {
  de := sm2.
  FromBase64String(enData).
  FromPrivateKeyBytes(sm2keyBytes).
- DecryptASN1()
+ DecryptASN1ECB()
  deData := de.ToString()
 
  assertError(de.Error(), "Test_SM2_EncryptASN1ECB-Decrypt")
  assertNotEmpty(deData, "Test_SM2_EncryptASN1ECB-Decrypt")
 
- assertEqual(data, deData, "Test_SM2_EncryptASN1ECB-Dedata")
+ assertEqual(deData, data, "Test_SM2_EncryptASN1ECB-Dedata")
 }
diff --git a/gm/sm2/sm2.go b/gm/sm2/sm2.go
@@ -487,7 +487,6 @@ func decrypt(priv *PrivateKey, data []byte, h hashFunc) ([]byte, error) {
  md.Write(y2Buf)
 
  hashed := md.Sum(nil)
-
  if bytes.Compare(hashed, hash) != 0 {
  return nil, errDecryption
  }