vue前端国密SM2, SM4 算法实现

vue前端国密SM2, SM4 算法实现

整体加密逻辑是，首先生成16位key值 用SM2 公钥加密该key值，后端用sm2私钥 解密出key值，然后采用sm4方法根据key值对返回值进行加密，前端采用sm4 对后端返回结果进行解密进行前端展示

目前主要常用的国密算法有sm-crypto，gm-crypto，gm-crypt（SM4）

SM2+ sm-crypto

1、安装sm-crypto

npm install --save sm-crypto

2、包装加解密方法

const sm2 = require('sm-crypto').sm2// 获取密钥对// let keypair = sm2.generateKeyPairHex()// const publicKey = keypair.publicKey // 公钥// const privateKey = keypair.privateKey // 私钥// 和后端约定得密钥对公钥如公钥字符串前面无04需加上04const publicKey = ‘04xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'// sm2 加密export const rsaPublicData = function (data) {const cipherMode = 1const result = sm2.doEncrypt(data, publicKey, cipherMode)return result}// sm-解密export const rsaPublicData1 = function (data) {const cipherMode = 1const result = sm2.doDecrypt(data, privateKey, cipherMode)return result}

sm2+gm-crypto

1、安装gm-crypto

npm install --save gm-crypto

2、包装加解密方法

import { SM2 } from 'gm-crypto'// 获取密钥对/// const { publicKey, privateKey } = SM2.generateKeyPair()// 和后端约定得密钥对公钥如公钥字符串前面无04需加上04const publicKey = ‘04xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'// gm0 sm2export const rsaPublicData = function (data) {const cipherMode = {inputEncoding: 'utf8',outputEncoding: 'base64'}const result = SM2.encrypt(data, publicKey, cipherMode)return result}// sm-解密export const rsaPublicData1 = function (data) {const cipherMode = {inputEncoding: 'base64',outputEncoding: 'utf8'}const result = SM2.decrypt(data, privateKey, cipherMode)return result}

sm4+gm-crypt

1、安装gm-crypt

npm install --save gm-crypt

2、包装加解密方法

const SM4 = require('gm-crypt').sm4// 加密export const Encrypt = (word, key) => {const sm4Config = {key,mode: 'ecb',cipherType: 'base64'}const sm4 = new SM4(sm4Config)const ecryptedStr = sm4.encrypt(word)return ecryptedStr}// 解密export const Decrypt = (word, key) => {const sm4Config = {key,mode: 'ecb',cipherType: 'base64'}const sm4 = new SM4(sm4Config)const decryptedStr = sm4.decrypt(word)return decryptedStr}

具体接口中应用

在公司项目中采用的是gm-crypto中的sm2和 gm-crypt 中的sm4
具体对应的算法需要和后端选取的对应

let keys = nanoid(16)//采用nanoid生成16位字符串// 举例在接口getInfo中的应用，encryptedStr是和后端约定的字段名称getInfo({encryptedStr: rsaPublicData(keys)}).then(res=> {const data = JSON.parse(Decrypt(res.result, keys)) // 对后端返回的数据进行解密，转化成json格式)

参考资料
https://www.npmjs.com/package/sm-crypto
https://www.npmjs.com/package/sm-crypto
https://www.npmjs.com/package/gm-crypt