namespace OASystem.API.OAMethodLib
{
/**
* need lib:
* BouncyCastle.Crypto.dll(http://www.bouncycastle.org/csharp/index.html)(这段代码写的时候用的bccrypto-csharp-1.8.8,最低支持版本和最高支持版本自己研究)
* log4net.dll(http://logging.apache.org/log4net/)(仅为了输出日志用,不用的话可自行改换其他方式输出异常信息)
*
* ref:
* https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
* http://gmssl.org/docs/oid.html
* http://www.jonllen.com/jonllen/work/164.aspx
*
* 用BC的注意点:
* 这个版本的BC对SM3withSM2的结果为asn1格式的r和s,如果需要直接拼接的r||s需要自己转换。下面rsAsn1ToPlainByteArray、rsPlainByteArrayToAsn1就在干这事。
* 这个版本的BC对SM2的结果为C1||C2||C3,据说为旧标准,新标准为C1||C3||C2,用新标准的需要自己转换。下面(被注释掉的)changeC1C2C3ToC1C3C2、changeC1C3C2ToC1C2C3就在干这事。java版的高版本有加上C1C3C2,csharp版没准以后也会加,但目前还没有,java版的目前可以初始化时“ SM2Engine sm2Engine = new SM2Engine(SM2Engine.Mode.C1C3C2);”。
*
*/
public class GmUtil
{
private static X9ECParameters x9ECParameters = GMNamedCurves.GetByName("sm2p256v1");
private static ECDomainParameters ecDomainParameters = new ECDomainParameters(x9ECParameters.Curve, x9ECParameters.G, x9ECParameters.N);
//国密标准公钥头(固定值)
public const string SM2_KEY_TITLE = "3059301306072a8648ce3d020106082a811ccf5501822d03420004";
//国密局推荐 ID(固定值)
public const string SM_USER_ID = "1234567812345678";
//国密私钥
public const string SM_PRIVATE_KEY = "D5F2AFA24E6BA9071B54A8C9AD735F9A1DE9C4657FA386C09B592694BC118B38";
//国密公钥 base64
public const string SM_PUBLIC_KEY = "MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE6Q+fktsnY9OFP+LpSR5Udbxf5zHCFO0PmOKlFNTxDIGl8jsPbbB/9ET23NV+acSz4FEkzD74sW2iiNVHRLiKHg==";
/**
*
* @param msg
* @param userId
* @param privateKey
* @return r||s,直接拼接byte数组的rs
*/
public static byte[] SignSm3WithSm2(byte[] msg, byte[] userId, AsymmetricKeyParameter privateKey)
{
return RsAsn1ToPlainByteArray(SignSm3WithSm2Asn1Rs(msg, userId, privateKey));
}
/**
* 将BC SM2 RAW签名值转化为ASN1格式签名值
* @param bcCipTxt
* @return
* @throws Exception
*/
private static byte[] signRawToAsn1(byte[] bcCipTxt)
{
byte[] netSignCipTxt = new byte[73];
byte[] signR = new byte[32];
byte[] signS = new byte[32];
Buffer.BlockCopy(bcCipTxt, 0, signR, 0, 32);
Buffer.BlockCopy(bcCipTxt, 32, signS, 0, 32);
//signR补位
int wPos = 4;
netSignCipTxt[0] = 0x30;
netSignCipTxt[2] = 0x02;
if ((signR[0] & 0xFF) >= 128)
{
netSignCipTxt[wPos - 1] = 0x21;
netSignCipTxt[wPos] = 0x00;
wPos += 1;
}
else
{
netSignCipTxt[wPos - 1] = 0x20;
}
Buffer.BlockCopy(signR, 0, netSignCipTxt, wPos, 32);
wPos += 32;
//signS补位
netSignCipTxt[wPos] = 0x02;
wPos += 1;
if ((signS[0] & 0xFF) >= 128)
{
netSignCipTxt[wPos] = 0x21;
wPos += 1;
netSignCipTxt[wPos] = 0x00;
wPos += 1;
}
else
{
netSignCipTxt[wPos] = 0x20;
wPos += 1;
}
Buffer.BlockCopy(signS, 0, netSignCipTxt, wPos, 32);
wPos += 32;
if (70 == wPos)
{
netSignCipTxt[1] = 0x44;
}
else if (71 == wPos)
{
netSignCipTxt[1] = 0x45;
}
else if (72 == wPos)
{
netSignCipTxt[1] = 0x46;
}
else
{
throw new Exception("signRawToAsn1 Error!");
}
byte[] resultBytes = new byte[wPos];
Buffer.BlockCopy(netSignCipTxt, 0, resultBytes, 0, wPos);
return resultBytes;
}
/**
* 将ASN1格式签名值转化为BC SM2 RAW 签名值
*
* @param signature Asn1格式签名值
* @return byte[] Raw签名值
*/
private static byte[] signAsn12Raw(byte[] signature)
{
byte[] resultBytes = new byte[64];
//截取signR
int wPos = 3;
if ((signature[wPos] & 0xFF) == 32)
{
wPos += 1;
}
else if ((signature[wPos] & 0xFF) == 33)
{
wPos += 2;
}
else
{
throw new Exception("signR length Error!");
}
Buffer.BlockCopy(signature, wPos, resultBytes, 0, 32);
wPos += 32;
//截取signS
wPos += 1;
if ((signature[wPos] & 0xFF) == 32)
{
wPos += 1;
}
else if ((signature[wPos] & 0xFF) == 33)
{
wPos += 2;
}
else
{
throw new Exception("signS length Error!");
}
Buffer.BlockCopy(signature, wPos, resultBytes, 32, 32);
return resultBytes;
}
/**
* @param msg
* @param userId
* @param privateKey
* @return rs in asn1 format
*/
public static byte[] SignSm3WithSm2Asn1Rs(byte[] msg, byte[] userId, AsymmetricKeyParameter privateKey)
{
try
{
ISigner signer = SignerUtilities.GetSigner("SM3withSM2");
signer.Init(true, new ParametersWithID(privateKey, userId));
signer.BlockUpdate(msg, 0, msg.Length);
byte[] sig = signer.GenerateSignature();
return sig;
}
catch (Exception e)
{
////log.Error("SignSm3WithSm2Asn1Rs error: " + e.Message, e);
return null;
}
}
/**
*
* @param msg
* @param userId
* @param rs r||s,直接拼接byte数组的rs
* @param publicKey
* @return
*/
public static bool VerifySm3WithSm2(byte[] msg, byte[] userId, byte[] rs, AsymmetricKeyParameter publicKey)
{
if (rs == null || msg == null || userId == null) return false;
if (rs.Length != RS_LEN * 2) return false;
return VerifySm3WithSm2Asn1Rs(msg, userId, RsPlainByteArrayToAsn1(rs), publicKey);
}
/**
*
* @param msg
* @param userId
* @param rs in asn1 format
* @param publicKey
* @return
*/
public static bool VerifySm3WithSm2Asn1Rs(byte[] msg, byte[] userId, byte[] sign, AsymmetricKeyParameter publicKey)
{
try
{
ISigner signer = SignerUtilities.GetSigner("SM3withSM2");
signer.Init(false, new ParametersWithID(publicKey, userId));
signer.BlockUpdate(msg, 0, msg.Length);
return signer.VerifySignature(sign);
}
catch (Exception e)
{
////log.Error("VerifySm3WithSm2Asn1Rs error: " + e.Message, e);
return false;
}
}
/**
* bc加解密使用旧标c1||c2||c3,此方法在加密后调用,将结果转化为c1||c3||c2
* @param c1c2c3
* @return
*/
private static byte[] ChangeC1C2C3ToC1C3C2(byte[] c1c2c3)
{
int c1Len = (x9ECParameters.Curve.FieldSize + 7) / 8 * 2 + 1; //sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。
const int c3Len = 32; //new SM3Digest().getDigestSize();
byte[] result = new byte[c1c2c3.Length];
Buffer.BlockCopy(c1c2c3, 0, result, 0, c1Len); //c1
Buffer.BlockCopy(c1c2c3, c1c2c3.Length - c3Len, result, c1Len, c3Len); //c3
Buffer.BlockCopy(c1c2c3, c1Len, result, c1Len + c3Len, c1c2c3.Length - c1Len - c3Len); //c2
return result;
}
/**
* bc加解密使用旧标c1||c3||c2,此方法在解密前调用,将密文转化为c1||c2||c3再去解密
* @param c1c3c2
* @return
*/
private static byte[] ChangeC1C3C2ToC1C2C3(byte[] c1c3c2)
{
int c1Len = (x9ECParameters.Curve.FieldSize + 7) / 8 * 2 + 1; //sm2p256v1的这个固定65。可看GMNamedCurves、ECCurve代码。
const int c3Len = 32; //new SM3Digest().GetDigestSize();
byte[] result = new byte[c1c3c2.Length];
Buffer.BlockCopy(c1c3c2, 0, result, 0, c1Len); //c1: 0->65
Buffer.BlockCopy(c1c3c2, c1Len + c3Len, result, c1Len, c1c3c2.Length - c1Len - c3Len); //c2
Buffer.BlockCopy(c1c3c2, c1Len, result, c1c3c2.Length - c3Len, c3Len); //c3
return result;
}
/**
* c1||c3||c2
* @param data
* @param key
* @return
*/
public static byte[] Sm2Decrypt(byte[] data, AsymmetricKeyParameter key)
{
return Sm2DecryptOld(ChangeC1C3C2ToC1C2C3(data), key);
}
/**
* c1||c3||c2
* @param data
* @param key
* @return
*/
public static byte[] Sm2Encrypt(byte[] data, AsymmetricKeyParameter key)
{
return ChangeC1C2C3ToC1C3C2(Sm2EncryptOld(data, key));
}
/**
* c1||c2||c3
* @param data
* @param key
* @return
*/
public static byte[] Sm2EncryptOld(byte[] data, AsymmetricKeyParameter pubkey)
{
try
{
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.Init(true, new ParametersWithRandom(pubkey, new SecureRandom()));
return sm2Engine.ProcessBlock(data, 0, data.Length);
}
catch (Exception e)
{
////log.Error("Sm2EncryptOld error: " + e.Message, e);
return null;
}
}
/**
* c1||c2||c3
* @param data
* @param key
* @return
*/
public static byte[] Sm2DecryptOld(byte[] data, AsymmetricKeyParameter key)
{
try
{
SM2Engine sm2Engine = new SM2Engine();
sm2Engine.Init(false, key);
return sm2Engine.ProcessBlock(data, 0, data.Length);
}
catch (Exception e)
{
////log.Error("Sm2DecryptOld error: " + e.Message, e);
return null;
}
}
/**
* @param bytes
* @return
*/
public static byte[] Sm3(byte[] bytes)
{
try
{
SM3Digest digest = new SM3Digest();
digest.BlockUpdate(bytes, 0, bytes.Length);
byte[] result = DigestUtilities.DoFinal(digest);
return result;
}
catch (Exception e)
{
//log.Error("Sm3 error: " + e.Message, e);
return null;
}
}
private const int RS_LEN = 32;
private static byte[] BigIntToFixexLengthBytes(BigInteger rOrS)
{
// for sm2p256v1, n is 00fffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123,
// r and s are the result of mod n, so they should be less than n and have length<=32
byte[] rs = rOrS.ToByteArray();
if (rs.Length == RS_LEN) return rs;
else if (rs.Length == RS_LEN + 1 && rs[0] == 0) return Arrays.CopyOfRange(rs, 1, RS_LEN + 1);
else if (rs.Length < RS_LEN)
{
byte[] result = new byte[RS_LEN];
Arrays.Fill(result, 0);
Buffer.BlockCopy(rs, 0, result, RS_LEN - rs.Length, rs.Length);
return result;
}
else
{
throw new ArgumentException("err rs: " + Hex.ToHexString(rs));
}
}
/**
* BC的SM3withSM2签名得到的结果的rs是asn1格式的,这个方法转化成直接拼接r||s
* @param rsDer rs in asn1 format
* @return sign result in plain byte array
*/
private static byte[] RsAsn1ToPlainByteArray(byte[] rsDer)
{
Asn1Sequence seq = Asn1Sequence.GetInstance(rsDer);
byte[] r = BigIntToFixexLengthBytes(DerInteger.GetInstance(seq[0]).Value);
byte[] s = BigIntToFixexLengthBytes(DerInteger.GetInstance(seq[1]).Value);
byte[] result = new byte[RS_LEN * 2];
Buffer.BlockCopy(r, 0, result, 0, r.Length);
Buffer.BlockCopy(s, 0, result, RS_LEN, s.Length);
return result;
}
/**
* BC的SM3withSM2验签需要的rs是asn1格式的,这个方法将直接拼接r||s的字节数组转化成asn1格式
* @param sign in plain byte array
* @return rs result in asn1 format
*/
private static byte[] RsPlainByteArrayToAsn1(byte[] sign)
{
if (sign.Length != RS_LEN * 2) throw new ArgumentException("err rs. ");
BigInteger r = new BigInteger(1, Arrays.CopyOfRange(sign, 0, RS_LEN));
BigInteger s = new BigInteger(1, Arrays.CopyOfRange(sign, RS_LEN, RS_LEN * 2));
Asn1EncodableVector v = new Asn1EncodableVector();
v.Add(new DerInteger(r));
v.Add(new DerInteger(s));
try
{
return new DerSequence(v).GetEncoded("DER");
}
catch (IOException e)
{
//log.Error("RsPlainByteArrayToAsn1 error: " + e.Message, e);
return null;
}
}
public static AsymmetricCipherKeyPair GenerateKeyPair()
{
try
{
ECKeyPairGenerator kpGen = new ECKeyPairGenerator();
kpGen.Init(new ECKeyGenerationParameters(ecDomainParameters, new SecureRandom()));
return kpGen.GenerateKeyPair();
}
catch (Exception e)
{
//log.Error("generateKeyPair error: " + e.Message, e);
return null;
}
}
public static ECPrivateKeyParameters GetPrivatekeyFromD(BigInteger d)
{
return new ECPrivateKeyParameters(d, ecDomainParameters);
}
public static ECPublicKeyParameters GetPublickeyFromXY(BigInteger x, BigInteger y)
{
return new ECPublicKeyParameters(x9ECParameters.Curve.CreatePoint(x, y), ecDomainParameters);
}
public static AsymmetricKeyParameter GetPublickeyFromX509File(FileInfo file)
{
FileStream fileStream = null;
try
{
//file.DirectoryName + "\\" + file.Name
fileStream = new FileStream(file.FullName, FileMode.Open, FileAccess.Read);
X509Certificate certificate = new X509CertificateParser().ReadCertificate(fileStream);
return certificate.GetPublicKey();
}
catch (Exception e)
{
//log.Error(file.Name + "读取失败,异常:" + e);
}
finally
{
if (fileStream != null)
fileStream.Close();
}
return null;
}
public class Sm2Cert
{
public AsymmetricKeyParameter privateKey;
public AsymmetricKeyParameter publicKey;
public string certId;
}
private static byte[] ToByteArray(int i)
{
byte[] byteArray = new byte[4];
byteArray[0] = (byte)(i >> 24);
byteArray[1] = (byte)((i & 0xFFFFFF) >> 16);
byteArray[2] = (byte)((i & 0xFFFF) >> 8);
byteArray[3] = (byte)(i & 0xFF);
return byteArray;
}
/**
* 字节数组拼接
*
* @param params
* @return
*/
private static byte[] Join(params byte[][] byteArrays)
{
List byteSource = new List();
for (int i = 0; i < byteArrays.Length; i++)
{
byteSource.AddRange(byteArrays[i]);
}
byte[] data = byteSource.ToArray();
return data;
}
/**
* 密钥派生函数
*
* @param Z
* @param klen
* 生成klen字节数长度的密钥
* @return
*/
private static byte[] KDF(byte[] Z, int klen)
{
int ct = 1;
int end = (int)Math.Ceiling(klen * 1.0 / 32);
List byteSource = new List();
try
{
for (int i = 1; i < end; i++)
{
byteSource.AddRange(Sm3(Join(Z, ToByteArray(ct))));
ct++;
}
byte[] last = Sm3(Join(Z, ToByteArray(ct)));
if (klen % 32 == 0)
{
byteSource.AddRange(last);
}
else
byteSource.AddRange(Arrays.CopyOfRange(last, 0, klen % 32));
return byteSource.ToArray();
}
catch (Exception e)
{
//log.Error("KDF error: " + e.Message, e);
}
return null;
}
public static byte[] Sm4DecryptCBC(byte[] keyBytes, byte[] cipher, byte[] iv, string algo)
{
if (keyBytes.Length != 16) throw new ArgumentException("err key length");
if (cipher.Length % 16 != 0) throw new ArgumentException("err data length");
try
{
KeyParameter key = ParameterUtilities.CreateKeyParameter("SM4", keyBytes);
IBufferedCipher c = CipherUtilities.GetCipher(algo);
if (iv == null) iv = ZeroIv(algo);
c.Init(false, new ParametersWithIV(key, iv));
return c.DoFinal(cipher);
}
catch (Exception e)
{
//log.Error("Sm4DecryptCBC error: " + e.Message, e);
return null;
}
}
public static byte[] Sm4EncryptCBC(byte[] keyBytes, byte[] plain, byte[] iv, string algo)
{
if (keyBytes.Length != 16) throw new ArgumentException("err key length");
if (plain.Length % 16 != 0) throw new ArgumentException("err data length");
try
{
KeyParameter key = ParameterUtilities.CreateKeyParameter("SM4", keyBytes);
IBufferedCipher c = CipherUtilities.GetCipher(algo);
if (iv == null) iv = ZeroIv(algo);
c.Init(true, new ParametersWithIV(key, iv));
return c.DoFinal(plain);
}
catch (Exception e)
{
//log.Error("Sm4EncryptCBC error: " + e.Message, e);
return null;
}
}
public static byte[] Sm4EncryptECB(byte[] keyBytes, byte[] plain, string algo)
{
if (keyBytes.Length != 16) throw new ArgumentException("err key length");
if (plain.Length % 16 != 0) throw new ArgumentException("err data length");
try
{
KeyParameter key = ParameterUtilities.CreateKeyParameter("SM4", keyBytes);
IBufferedCipher c = CipherUtilities.GetCipher(algo);
c.Init(true, key);
return c.DoFinal(plain);
}
catch (Exception e)
{
//log.Error("Sm4EncryptECB error: " + e.Message, e);
return null;
}
}
public static byte[] Sm4DecryptECB(byte[] keyBytes, byte[] cipher, string algo)
{
if (keyBytes.Length != 16) throw new ArgumentException("err key length");
if (cipher.Length % 16 != 0) throw new ArgumentException("err data length");
try
{
KeyParameter key = ParameterUtilities.CreateKeyParameter("SM4", keyBytes);
IBufferedCipher c = CipherUtilities.GetCipher(algo);
c.Init(false, key);
return c.DoFinal(cipher);
}
catch (Exception e)
{
//log.Error("Sm4DecryptECB error: " + e.Message, e);
return null;
}
}
public const string SM4_ECB_NOPADDING = "SM4/ECB/NoPadding";
public const string SM4_CBC_NOPADDING = "SM4/CBC/NoPadding";
public const string SM4_CBC_PKCS7PADDING = "SM4/CBC/PKCS7Padding";
/**
* cfca官网CSP沙箱导出的sm2文件
* @param pem 二进制原文
* @param pwd 密码
* @return
*/
public static Sm2Cert readSm2File(byte[] pem, string pwd)
{
Sm2Cert sm2Cert = new Sm2Cert();
try
{
Asn1Sequence asn1Sequence = (Asn1Sequence)Asn1Object.FromByteArray(pem);
// ASN1Integer asn1Integer = (ASN1Integer) asn1Sequence.getObjectAt(0); //version=1
Asn1Sequence priSeq = (Asn1Sequence)asn1Sequence[1];//private key
Asn1Sequence pubSeq = (Asn1Sequence)asn1Sequence[2];//public key and x509 cert
// ASN1ObjectIdentifier sm2DataOid = (ASN1ObjectIdentifier) priSeq.getObjectAt(0);
// ASN1ObjectIdentifier sm4AlgOid = (ASN1ObjectIdentifier) priSeq.getObjectAt(1);
Asn1OctetString priKeyAsn1 = (Asn1OctetString)priSeq[2];
byte[] key = KDF(Encoding.UTF8.GetBytes(pwd), 32);
byte[] priKeyD = Sm4DecryptCBC(Arrays.CopyOfRange(key, 16, 32),
priKeyAsn1.GetOctets(),
Arrays.CopyOfRange(key, 0, 16), SM4_CBC_PKCS7PADDING);
sm2Cert.privateKey = GetPrivatekeyFromD(new BigInteger(1, priKeyD));
// //log.Info(Hex.toHexString(priKeyD));
// ASN1ObjectIdentifier sm2DataOidPub = (ASN1ObjectIdentifier) pubSeq.getObjectAt(0);
Asn1OctetString pubKeyX509 = (Asn1OctetString)pubSeq[1];
X509Certificate x509 = new X509CertificateParser().ReadCertificate(pubKeyX509.GetOctets());
sm2Cert.publicKey = x509.GetPublicKey();
sm2Cert.certId = x509.SerialNumber.ToString(10); //这里转10进账,有啥其他进制要求的自己改改
return sm2Cert;
}
catch (Exception e)
{
//log.Error("readSm2File error: " + e.Message, e);
return null;
}
}
/**
*
* @param cert
* @return
*/
public static Sm2Cert ReadSm2X509Cert(byte[] cert)
{
Sm2Cert sm2Cert = new Sm2Cert();
try
{
X509Certificate x509 = new X509CertificateParser().ReadCertificate(cert);
sm2Cert.publicKey = x509.GetPublicKey();
sm2Cert.certId = x509.SerialNumber.ToString(10); //这里转10进账,有啥其他进制要求的自己改改
return sm2Cert;
}
catch (Exception e)
{
//log.Error("ReadSm2X509Cert error: " + e.Message, e);
return null;
}
}
public static byte[] ZeroIv(string algo)
{
try
{
IBufferedCipher cipher = CipherUtilities.GetCipher(algo);
int blockSize = cipher.GetBlockSize();
byte[] iv = new byte[blockSize];
Arrays.Fill(iv, 0);
return iv;
}
catch (Exception e)
{
//log.Error("ZeroIv error: " + e.Message, e);
return null;
}
}
public class Sm2Vo
{
public string sm2_x;
public string sm2_y;
}
/**
* BASE64格式公钥转换为裸公钥
* @param sm2Key
* @return
*/
private static Sm2Vo parseBase64TRawKey(string sm2Key)
{
if (null == sm2Key)
{
return null;
}
string sm2_asn1 = Hex.ToHexString(Convert.FromBase64String(sm2Key));
if (!sm2_asn1.StartsWith(SM2_KEY_TITLE))
{
return null;
}
Sm2Vo sm2Cert = new Sm2Vo();
string sm2_xy = sm2_asn1.Substring(SM2_KEY_TITLE.Length, sm2_asn1.Length - SM2_KEY_TITLE.Length);
sm2Cert.sm2_x = sm2_xy.Substring(0, sm2_xy.Length / 2);
sm2Cert.sm2_y = sm2_xy.Substring(sm2_xy.Length / 2, sm2_xy.Length - sm2_xy.Length / 2);
return sm2Cert;
}
/**
* 加签
*/
public static string generateSmSign(string str)
{
AsymmetricKeyParameter SMprivateKey = GetPrivatekeyFromD(new BigInteger(SM_PRIVATE_KEY, 16));
//1.国密签名
byte[] msg = Encoding.UTF8.GetBytes(str);
//签名 USER_ID 应使用国密局推荐 ID,即“1234567812345678”
byte[] userId = Encoding.UTF8.GetBytes(SM_USER_ID);
byte[] sig = SignSm3WithSm2(msg, userId, SMprivateKey);
//国密加签结果
string c = Convert.ToBase64String(signRawToAsn1(sig));
return c;
}
/**
* 验签
*/
public static bool verifySmSign(string rawMsg, string signedStr)
{
byte[] sig2 = Convert.FromBase64String(signedStr);
Sm2Vo sm2Vo = parseBase64TRawKey(SM_PUBLIC_KEY);
string privateKeyRawX = sm2Vo.sm2_x;
string privateKeyRawY = sm2Vo.sm2_y;
AsymmetricKeyParameter SMPbkey = GetPublickeyFromXY(new BigInteger(privateKeyRawX, 16), new BigInteger(privateKeyRawY, 16));
byte[] sig3 = signAsn12Raw(sig2);
byte[] msg = Encoding.UTF8.GetBytes(rawMsg);
//签名 USER_ID 应使用国密局推荐 ID,即“1234567812345678”
byte[] userId = Encoding.UTF8.GetBytes(SM_USER_ID);
bool flag = VerifySm3WithSm2(msg, userId, sig3, SMPbkey);
return flag;
}
}
}