HarmonyOS SM2密钥对转换失败

sm2私钥：3c9xxxxbe7f24c2xxxx223466804xxxxxxad284def02eb4f374a

SM2密钥转换失败报错，通过await generator1.convertKey(null, priKeyBlob);

发现通过await generator.generateKeyPair();生成的私钥是51字节，我们的私钥是32字节，这个转换有问题，请问怎么处理，是否和SM2 userid签名有关

ConvertEcPriKey: d2i_ECPrivateKey fail

04-23 19:17:52.784 10787-10838 C02f10/[HCF] com.bwton.szfreego E HcfPrintOpensslError: [Openssl]: engine fail, error code = 109052072, error string = error:068000A8:asn1 encoding routines::wrong tag

04-23 19:17:52.784 10787-10838 C02f10/[HCF] com.bwton.szfreego E ConvertKeyAsyncWorkProcess: convert key fail.

HarmonyOS

zxjiu

2024-08-13 14:53:57

浏览

回答 1

按赞同

按时间

zbw_apple

当调用convertKey方法将外来二进制数据转换为算法库非对称密钥对象时，公钥应满足ASN.1语法、X.509规范、DER编码格式，私钥应满足ASN.1语法、PKCS#8规范、DER编码格式。 convertKey方法中，公钥和密钥二进制数据非必选项，可单独传入公钥或私钥的数据，生成对应只包含公钥或私钥的KeyPair对象。

请参考：https://developer.huawei.com/consumer/cn/doc/harmonyos-guides-V5/crypto-generate-asym-key-pair-from-key-spec-V5

当前系统版本的指定生成密钥的API为convertKey，其中SM2密钥生成的参数只支持封装并ASN.1序列化后的数据（公钥91字节，私钥51字节)

请参考下列demo获取相应的私钥

// 生成 公钥/私钥/密钥对 的 params 属性方法 
genSM2CommonSpec(): cryptoFramework.ECCCommonParamsSpec { 
  let fieldFp: cryptoFramework.ECFieldFp = { 
    fieldType: "Fp", 
    p: BigInt("0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF") 
  } 
 
  let G: cryptoFramework.Point = { 
    x: BigInt("0x32C4AE2C1F19811xxxxC9948FE30BBFF2660BE1715A4589334C74C7"), 
    y: BigInt("0xBC3736A2F4F6779Cxxxx692153D0A9877CC62A474002DF32E52139F0A0") 
  } 
 
  let SM2CommonSpec: cryptoFramework.ECCCommonParamsSpec = { 
    algName: "ECC", 
    specType: cryptoFramework.AsyKeySpecType.COMMON_PARAMS_SPEC, 
    field: fieldFp, 
    a: BigInt("0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC"), 
    b: BigInt("0x28E9FA9E9D9F5E3xxxx9789F515AB8F92DDBCBD414D940E93"), 
    g: G, 
    n: BigInt("0xFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B2xx53BBF40939D54123"), 
    h: 1 
  } 
 
  return SM2CommonSpec; 
} 
 
// 异步获取密钥对象 
async getPriKek(): Promise<cryptoFramework.PriKey | null> { 
  // 密钥字符串：6d562d653d74f41bff9c3f2359xxxxxxxxx416a931c44783b9afdf5c3327121c2266 
  let sk: bigint = BigInt("0x6d562d653d74f4xxxxxc3f2359e5add416a931c44783b9afdf5c3327121c2266"); 
 
  // 私钥对象数据 
  let priKey: cryptoFramework.ECCPriKeySpec = { 
    params: this.genSM2CommonSpec(), // 通用参数 
    sk: sk, // 密钥 
    algName: "ECC", // 指定算法 
    specType: cryptoFramework.AsyKeySpecType.PRIVATE_KEY_SPEC // 指定算法参数类型 
  } 
 
  let KeyPair: cryptoFramework.PriKey | null = null; 
  try { 
  let KeyPairGenerator: cryptoFramework.AsyKeyGeneratorBySpec; 
  KeyPairGenerator = cryptoFramework.createAsyKeyGeneratorBySpec(priKey); 
  KeyPair = await KeyPairGenerator.generatePriKey() 
    .then((keyPair) => { 
      return keyPair; // 私钥获取成功 
    }) 
    .catch((e: Error): null => { 
      console.log(JSON.stringify(e)) 
      AlertDialog.show({message:"PriKey get failed"}); 
      return null; 
    }) 
} catch (err) { 
  let e: BusinessError = err as BusinessError; 
  console.error(`sync error, ${e.code}, ${e.message}`); 
  AlertDialog.show({message:"PriKey get failed"}); 
  return null; 
} 
return KeyPair; 
}1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32.
33.
34.
35.
36.
37.
38.
39.
40.
41.
42.
43.
44.
45.
46.
47.
48.
49.
50.
51.
52.
53.
54.
55.
56.
57.
58.
59.
60.

2024-08-13 21:42:30

如何写精华回答，获更多曝光？

发布

51CTO

51CTO博客

51CTO学堂

HarmonyOS SM2密钥对转换失败

订阅鸿蒙技术特刊，精选内容抢先看