SM2 是国家密码管理局组织制定并提出的椭圆曲线密码算法标准。本文使用第三方密码库 BouncyCastle 实现 SM2 加解密，使用 NuGet 安装即可，包名：BouncyCastle.Cryptography，目前最新版本为：2.2.1。


SM2 密钥对生成

/// <summary>
/// 堆代码 duidaima.com
/// 生成 SM2 密钥对，密钥对使用 Base64 进行编码
/// </summary>
/// <param name="privateKey"></param>
/// <param name="publicKey"></param>
public static void GenerateSM2KeyPair(out string privateKey, out string publicKey)
{
    // 获取 SM2 曲线参数
    X9ECParameters curve = ECNamedCurveTable.GetByName("sm2p256v1");
    KeyGenerationParameters parameters = new ECKeyGenerationParameters(new ECDomainParameters(curve), new SecureRandom());

    // 创建 SM2 密钥对生成器
    ECKeyPairGenerator generator = new ECKeyPairGenerator();
    generator.Init(parameters);

    // 创建密钥对
    var keyPair = generator.GenerateKeyPair();

    // 私钥
    ECPrivateKeyParameters privateKeyParameters = (ECPrivateKeyParameters)keyPair.Private;
    privateKey = Base64.ToBase64String(privateKeyParameters.D.ToByteArrayUnsigned());

    // 公钥
    ECPublicKeyParameters publicKeyParameters = (ECPublicKeyParameters)keyPair.Public;
    publicKey = Base64.ToBase64String(publicKeyParameters.Q.GetEncoded());
}

SM2 公钥加密

/// <summary>
/// SM2 公钥加密
/// </summary>
/// <param name="message"></param>
/// <param name="key"></param>
/// <returns></returns>
public static string Encrypt(string message, string key)
{
    // 获取 SM2 曲线参数
    X9ECParameters curve = ECNamedCurveTable.GetByName("sm2p256v1");

    ECPoint q = curve.Curve.DecodePoint(Base64.Decode(key));
    ECDomainParameters domain = new ECDomainParameters(curve);
    ECPublicKeyParameters pubk = new ECPublicKeyParameters("EC", q, domain);

    // 创建SM2加密器
    SM2Engine sm2Engine = new SM2Engine();
    sm2Engine.Init(true, new ParametersWithRandom(pubk, new SecureRandom()));

    // 将原始数据转换为字节数组
    byte[] dataBytes = Encoding.UTF8.GetBytes(message);

    // 执行加密操作
    byte[] encryptedData = sm2Engine.ProcessBlock(dataBytes, 0, dataBytes.Length);

    // 将加密结果转换为 Base64 字符串
    return Base64.ToBase64String(encryptedData);
}

SM2 私钥解密

/// <summary>
/// SM2 私钥解密
/// </summary>
/// <param name="message"></param>
/// <param name="key"></param>
/// <returns></returns>
public static string Decrypt(string message, string key)
{
    // 获取 SM2 曲线参数
    X9ECParameters curve = ECNamedCurveTable.GetByName("sm2p256v1");

    ECDomainParameters domain = new ECDomainParameters(curve);
    BigInteger d = new BigInteger(1, Base64.Decode(key));
    ECPrivateKeyParameters prik = new ECPrivateKeyParameters(d, domain);

    // 创建SM2加密器
    SM2Engine sm2Engine = new SM2Engine();
    sm2Engine.Init(false, prik);

    byte[] encryptedData = Base64.Decode(message);

    // 执行解密操作
    byte[] decryptedData = sm2Engine.ProcessBlock(encryptedData, 0, encryptedData.Length);

    // 将解密结果转换为字符串
    return Encoding.UTF8.GetString(decryptedData);
}

示例

string privateKey = "Ja4UIUJz7XRNDhIiuWXwL78qd1Pc7SC0/Z9LzyF4SL8=";
string publicKey = "BGe1BZDFN+NhCQtc2qlVk8nUlXrIwcyjT3mMt7Xx3BkDNBGBQjFPV0+h3/cGUYXo2TFI1SShS7hWl9zi6SxUHvg=";

string raw = "jacky";
string e = Encrypt(raw, publicKey);
Console.WriteLine($"加密结果：{e}");

string d = Decrypt(e, privateKey);
Console.WriteLine($"解密结果：{d}");

运行结果：