当前位置：首页 > news >正文

Gmssl实战

news 来源：原创 2025/4/22 5:57:14

最近项目要引入gm算法，实现aes和sm4数据加密，研究了一下两个系统的安装和测试用例

linux，从github下载GmSSL库（ https://github.com/guanzhi/GmSSL.git ），以下为安装方法。

## GmSSL库安装编译,需要确认已安装cmakeunzip GmSSL-master.zipcd GmSSL-mastermkdir buildcd buildcmake .. -DCMAKE_BUILD_TYPE=Release -DBUILD_SHARED_LIBS=OFF -DCMAKE_INSTALL_PREFIX=/usr/localmakemake installcp /usr/local/lib/libgmssl.a ../../libs/

windows，从github下载GmSSL库（ https://github.com/guanzhi/GmSSL.git ），以下为安装方法。

确保安装了cmake https://cmake.org/download/
我这里下载的 cmake-4.0.1-windows-x86_64.msi
写一个脚本x86cmd.bat，用来打开vs的命令行

@echo off
call "C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\VC\Auxiliary\Build\vcvars32.bat"
cmd

打开x86cmd.bat，解压GmSSL到目录。
这里说下我要用的gm库的格式，为静态库，mt，所以需要修改cmakelists.txt

project(GmSSL C)set(CMAKE_C_FLAGS_DEBUG "/MTd")
set(CMAKE_C_FLAGS_RELEASE "/MT")
set(CMAKE_CXX_FLAGS_DEBUG "/MTd")
set(CMAKE_CXX_FLAGS_RELEASE "/MT")

依次执行以下命令安装

mkdir build
cd build
cmake .. -G "NMake Makefiles" -DWIN32=ON -DBUILD_SHARED_LIBS=OFF
nmake

安装完后，我们可以在目录中找到gmssl.lib

测试代码及实现

gmssl_use.c 我用packet_id做iv的生成条件。


#include <gmssl/aes.h>
#include <gmssl/sm4.h>
#include "gmssl_use.h"void generate_ctr_iv_from_packet_id(int packet_id, uint8_t iv[IV_KEY_SIZE])
{memset(iv, 0, IV_KEY_SIZE);// 小端写入 packet_id 到 IV 的最后 4 字节iv[12] = (packet_id >> 0) & 0xff;iv[13] = (packet_id >> 8) & 0xff;iv[14] = (packet_id >> 16) & 0xff;iv[15] = (packet_id >> 24) & 0xff;
}int aes_ctr_encrypt_gmssl(const uint8_t *key,int packet_id, const uint8_t *in, uint8_t *out)
{AES_KEY aes_key;if (aes_set_encrypt_key(&aes_key, key, AES128_KEY_SIZE) != 1){return -1;}uint8_t iv[IV_KEY_SIZE];generate_ctr_iv_from_packet_id(packet_id, iv);aes_ctr_encrypt(&aes_key, iv, in, strlen((const char*)in), out);return 0;
}int aes_ctr_decrypt_gmssl(const uint8_t *key,int packet_id, const uint8_t *in, uint8_t *out)
{//加解密对称return aes_ctr_encrypt_gmssl(key, packet_id, in, out);
}int sm4_ctr_encrypt_gmssl(const uint8_t *key, int packet_id, const uint8_t *in,uint8_t *out)
{SM4_KEY sm4_key;sm4_set_encrypt_key(&sm4_key, key);uint8_t iv[IV_KEY_SIZE];generate_ctr_iv_from_packet_id(packet_id, iv);sm4_ctr_encrypt(&sm4_key, iv, in, strlen((const char*)in), out);return 0;
}int sm4_ctr_decrypt_gmssl(const uint8_t *key,int packet_id, const uint8_t *in, uint8_t *out)
{//加解密对称return sm4_ctr_encrypt_gmssl(key, packet_id, in, out);
}void test_func_gmssl()
{uint8_t key[16] = "1234567890abcdef";  // 示例密钥int packet_id = 1;uint8_t plaintext[] = "Hello GmSSL CTR!";uint8_t encrypted[128] = { 0 };uint8_t decrypted[128] = { 0 };printf("AES原文: %s\n", plaintext);aes_ctr_encrypt_gmssl(key, packet_id, plaintext, encrypted);printf("AES加密: %s\n", encrypted);aes_ctr_decrypt_gmssl(key, packet_id, encrypted, decrypted);printf("AES解密: %s\n", decrypted);packet_id = 50;uint8_t plaintext1[] = "Hello GmSSL CTR!";uint8_t encrypted1[128] = { 0 };uint8_t decrypted1[128] = { 0 };// SM4 加密解密printf("SM4原文: %s\n", plaintext1);uint8_t key1[16] = "1234567890abcdef";  // 示例密钥sm4_ctr_encrypt_gmssl(key1, packet_id, plaintext1, encrypted1);printf("SM4加密: %s\n", encrypted1);sm4_ctr_decrypt_gmssl(key1, packet_id, encrypted1, decrypted1);printf("SM4解密: %s\n", decrypted1);
}