SM4实现的代码原贴地址在 https://blog.csdn.net/liangxun0712/article/details/78611082
本文版本主要解决了PHP 32位版本右移时符号位移动的问题,由于PHP没有无符号右移,所以只能通过字符串来替代
注:运行环境需要PHP7及以上
测试代码:index.php
<?php
require_once 'SM4Algorithm.php';
function sm4Func($mode,$key,$str)
{
$sm4 = new SM4();
$sm4->setKey($key);
if($mode=="ENCRYPT")
{
$orglen = strlen($str);
$enclen = ((int)($orglen/16)+1)*16;
$hexText ='';
for($index=0; $index < $orglen; $index++)
{
$hexText .= bin2hex($str[$index]);
}
for($index=$orglen; $index < $enclen; $index++)
{
$hexText .= '00';
}
$encText = '';
for($index=0; $index < $enclen*2; $index+=32)
{
$encText .= $sm4->encrypt(substr($hexText,$index,32));
}
return hex2bin($encText);
}
else if($mode=="DECRYPT")
{
$enclen = strlen($str);
$hexText ='';
for($index=0; $index < $enclen; $index++)
{
$hexText .= bin2hex($str[$index]);
}
$decText = '';
for($index=0; $index < $enclen*2; $index+=32)
{
$decText .= $sm4->decrypt(substr($hexText,$index,32));
}
return hex2bin($decText);
}
else return '';
}
function sm4Test($key,$str)
{
$encText=sm4Func('ENCRYPT',$key,$str);
$decText=sm4Func('DECRYPT',$key,$encText);
if(PHP_INT_MAX > 2147483647)
echo "<code>PHP 64位<br>加密前:".$str."\n<br>解密后:".$decText."\n";
else
echo "<code>PHP 32位<br>加密前:".$str."\n<br>解密后:".$decText."\n";
$enclen = strlen($encText);
for($index=0; $index < $enclen; $index++)
{
if($index%16==0) echo "<br>\n";
echo strtoupper(bin2hex($encText[$index]))." ";
}
echo "</code>\n<br><br>\n";
}
$key = 'a8052ed2ee4f3ec06d945619b4133633';
sm4Test($key,'1');
sm4Test($key,'0123456789ABCDEF');
sm4Test($key,'VMwareWorkstationVMwareWorkstationVMwareWorkstationVMwareWorkstationVMwareWorkstationVMwareWorkstation');
?>SM4的PHP实现:SM4Algorithm.php
<?php
/**
* Created by PhpStorm.
* User: KeenSting
* Date: 2017/11/22
* Time: 下午2:09
* Name: 梁小苍
* Phone: 13126734215
* QQ: 707719848
* File Description: 国密算法SM4 对称加密
*/
class SM4{
const SM4_CK = [
0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
];
const SM4_Sbox = [
0xd6,0x90,0xe9,0xfe,0xcc,0xe1,0x3d,0xb7,0x16,0xb6,0x14,0xc2,0x28,0xfb,0x2c,0x05,
0x2b,0x67,0x9a,0x76,0x2a,0xbe,0x04,0xc3,0xaa,0x44,0x13,0x26,0x49,0x86,0x06,0x99,
0x9c,0x42,0x50,0xf4,0x91,0xef,0x98,0x7a,0x33,0x54,0x0b,0x43,0xed,0xcf,0xac,0x62,
0xe4,0xb3,0x1c,0xa9,0xc9,0x08,0xe8,0x95,0x80,0xdf,0x94,0xfa,0x75,0x8f,0x3f,0xa6,
0x47,0x07,0xa7,0xfc,0xf3,0x73,0x17,0xba,0x83,0x59,0x3c,0x19,0xe6,0x85,0x4f,0xa8,
0x68,0x6b,0x81,0xb2,0x71,0x64,0xda,0x8b,0xf8,0xeb,0x0f,0x4b,0x70,0x56,0x9d,0x35,
0x1e,0x24,0x0e,0x5e,0x63,0x58,0xd1,0xa2,0x25,0x22,0x7c,0x3b,0x01,0x21,0x78,0x87,
0xd4,0x00,0x46,0x57,0x9f,0xd3,0x27,0x52,0x4c,0x36,0x02,0xe7,0xa0,0xc4,0xc8,0x9e,
0xea,0xbf,0x8a,0xd2,0x40,0xc7,0x38,0xb5,0xa3,0xf7,0xf2,0xce,0xf9,0x61,0x15,0xa1,
0xe0,0xae,0x5d,0xa4,0x9b,0x34,0x1a,0x55,0xad,0x93,0x32,0x30,0xf5,0x8c,0xb1,0xe3,
0x1d,0xf6,0xe2,0x2e,0x82,0x66,0xca,0x60,0xc0,0x29,0x23,0xab,0x0d,0x53,0x4e,0x6f,
0xd5,0xdb,0x37,0x45,0xde,0xfd,0x8e,0x2f,0x03,0xff,0x6a,0x72,0x6d,0x6c,0x5b,0x51,
0x8d,0x1b,0xaf,0x92,0xbb,0xdd,0xbc,0x7f,0x11,0xd9,0x5c,0x41,0x1f,0x10,0x5a,0xd8,
0x0a,0xc1,0x31,0x88,0xa5,0xcd,0x7b,0xbd,0x2d,0x74,0xd0,0x12,0xb8,0xe5,0xb4,0xb0,
0x89,0x69,0x97,0x4a,0x0c,0x96,0x77,0x7e,0x65,0xb9,0xf1,0x09,0xc5,0x6e,0xc6,0x84,
0x18,0xf0,0x7d,0xec,0x3a,0xdc,0x4d,0x20,0x79,0xee,0x5f,0x3e,0xd7,0xcb,0x39,0x48
];
/**
* 系统参数
*/
const SM4_FK = [0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC];
private $key = [];//16个 HEXHEX格式的数组 16字节 128bits 为了操作方便,直接存成十进制
private $skey = [];//记录每轮加密的秘钥 记录成十进制
/**设置加密秘钥
* @param $key 32个十六进制的字符
* @return $this
* @throws Exception
*/
public function setKey($key)
{
$this->key = $this->preProcess($key);
if(PHP_INT_MAX > 2147483647)
$this->setSkey64();
else
$this->setSkey32();
return $this;
}
private function sm4GetBin32($val)
{
//转换成代表二进制数字的字符串
$bin = decbin($val);
$len = strlen($bin);
//字符串长度超出则截取底32位,长度不够,则填充高位为0到32位
if($len > 32) $bin = substr($bin, $len - 32, 32);
else if($len < 32) $bin = str_pad($bin, 32, '0', STR_PAD_LEFT);
return $bin;
}
//无符号右移函数,固定处理32位长度的int
private function sm4Right($val,$bits)
{
// 位移量超出范围的两种情况
if($bits <= 0) return $val;
if($bits >= 32) return 0;
//取出要移动的位数,并在左边填充0
$bin=$this->sm4GetBin32($val);
$bin=str_pad(substr($bin, 0, 32 - $bits), 32, '0', STR_PAD_LEFT);
return bindec($bin);
}
//无符号左移函数,固定处理32位长度的int
private function sm4Left($val,$bits)
{
return $val << $bits;
// 位移量超出范围的两种情况
if($bits <= 0) return $val;
if($bits >= 32) return 0;
//取出要移动的位数,并在右边填充0
$bin=$this->sm4GetBin32($val);
$bin=str_pad(substr($bin, $bits), 32, '0', STR_PAD_RIGHT);
return bindec($bin);
}
/**
* 计算每轮加密需要的秘钥
*/
private function setSkey64()
{
$skey = [];
for($i=0;$i<4;$i++)
$skey[] = self::SM4_FK[$i] ^ ($this->key[4*$i]<<24 | $this->key[4*$i+1]<<16 | $this->key[4*$i+2]<<8 | $this->key[4*$i+3]);
for($k=0;$k<32;$k++)
{
$tmp = $skey[$k+1] ^ $skey[$k+2] ^ $skey[$k+3] ^ self::SM4_CK[$k];
//非线性化操作
$buf = (self::SM4_Sbox[($tmp>>24) & 0xff])<<24 |
(self::SM4_Sbox[($tmp>>16) & 0xff])<<16 |
(self::SM4_Sbox[($tmp>>8) & 0xff])<<8 |
(self::SM4_Sbox[$tmp & 0xff]);
//线性化操作
$skey[] = $skey[$k] ^ ($buf ^ $this->sm4Rotl64($buf,13) ^ $this->sm4Rotl64($buf,23));
$this->skey[]= $skey[$k+4];
}
}
private function setSkey32()
{
$skey = [];
for($i=0;$i<4;$i++)
{
$tmp1 = $this->sm4Left($this->key[4*$i],24) | $this->sm4Left($this->key[4*$i+1],16) | $this->sm4Left($this->key[4*$i+2],8) | $this->key[4*$i+3];
$skey[] = self::SM4_FK[$i] ^ $tmp1;
}
for($k=0;$k<32;$k++)
{
$tmp2 = self::SM4_CK[$k] ^ ($skey[$k+1] ^ $skey[$k+2] ^ $skey[$k+3]);
$box1 = self::SM4_Sbox[$this->sm4Right($tmp2,24) & 0xff];
$box2 = self::SM4_Sbox[$this->sm4Right($tmp2,16) & 0xff];
$box3 = self::SM4_Sbox[$this->sm4Right($tmp2,8 ) & 0xff];
$box4 = self::SM4_Sbox[$tmp2 & 0xff];
$buf = $this->sm4Left($box1,24) | $this->sm4Left($box2,16) | $this->sm4Left($box3,8) | $box4;
$skey[] = $skey[$k] ^ ($buf ^ $this->sm4Rotl32($buf,13) ^ $this->sm4Rotl32($buf,23));
$this->skey[]= $skey[$k+4];
}
}
/**32比特的buffer中循环左移n位
* @param $buf int 可以传递进10进制 也可以是0b开头的二进制
* @param $n int 向左偏移n位
* @return int
* reference http://blog.csdn.net/w845695652/article/details/6522285
*/
private function sm4Rotl64($buf,$n)
{
return (($buf << $n) & 0xffffffff) | ($buf >> (32-$n));
}
private function sm4Rotl32($buf,$n)
{
return ($this->sm4Left($buf , $n) & 0xffffffff) | $this->sm4Right($buf , (32-$n));
}
/**SM4加密单个片段(128bit)
* @param $text string 32个十六进制字符串
* @return string
* @throws Exception
*/
private function encrypt64($text)
{
$x = $re = [];
$t = $this->preProcess($text);
for($i=0;$i<4;$i++)
$x[] = $t[$i*4]<<24 | $t[$i*4+1]<<16 | $t[$i*4+2]<<8 | $t[$i*4+3];
for($k=0;$k<32;$k++)
{
$tmp = $x[$k+1] ^ $x[$k+2] ^ $x[$k+3] ^ $this->skey[$k];
$buf = self::SM4_Sbox[($tmp>>24) & 0xff] << 24 |
self::SM4_Sbox[($tmp>>16) & 0xff] << 16 |
self::SM4_Sbox[($tmp>>8) & 0xff] << 8 |
self::SM4_Sbox[$tmp & 0xff];
$x[$k+4] = $x[$k] ^ $buf ^ $this->sm4Rotl64($buf,2) ^ $this->sm4Rotl64($buf,10) ^ $this->sm4Rotl64($buf,18) ^ $this->sm4Rotl64($buf,24);
}
for($i=0;$i<4;$i++)
{
$re[] = ($x[35-$i]>>24) & 0xff;
$re[] = ($x[35-$i]>>16) & 0xff;
$re[] = ($x[35-$i]>>8) & 0xff;
$re[] = $x[35-$i] & 0xff;
}
return $this->wrapResult($re);
}
private function encrypt32($text)
{
$x = $re = [];
$t = $this->preProcess($text);
for($i=0;$i<4;$i++)
$x[] = $this->sm4Left($t[$i*4],24) | $this->sm4Left($t[$i*4+1],16) | $this->sm4Left($t[$i*4+2],8) | $t[$i*4+3];
for($k=0;$k<32;$k++)
{
$tmp2 = $x[$k+1] ^ $x[$k+2] ^ $x[$k+3] ^ $this->skey[$k];
$box1 = self::SM4_Sbox[$this->sm4Right($tmp2,24) & 0xff];
$box2 = self::SM4_Sbox[$this->sm4Right($tmp2,16) & 0xff];
$box3 = self::SM4_Sbox[$this->sm4Right($tmp2,8 ) & 0xff];
$box4 = self::SM4_Sbox[$tmp2 & 0xff];
$buf = $this->sm4Left($box1 , 24) | $this->sm4Left($box2 , 16) | $this->sm4Left($box3 , 8) | $box4;
$x[$k+4] = $x[$k] ^ $buf ^ $this->sm4Rotl32($buf,2) ^ $this->sm4Rotl32($buf,10) ^ $this->sm4Rotl32($buf,18) ^ $this->sm4Rotl32($buf,24);
}
for($i=0;$i<4;$i++)
{
$re[] = $this->sm4Right($x[35-$i],24) & 0xff;
$re[] = $this->sm4Right($x[35-$i],16) & 0xff;
$re[] = $this->sm4Right($x[35-$i],8 ) & 0xff;
$re[] = $x[35-$i] & 0xff;
}
return $this->wrapResult($re);
}
public function encrypt($text)
{
if(PHP_INT_MAX > 2147483647)
return $this->encrypt64($text);
else
return $this->encrypt32($text);
}
/**预处理16字节长度的16进制字符串 返回10进制的数组 数组大小为16
* @param $text
* @return array
* @throws Exception
*/
private function preProcess($text)
{
preg_match('/[0-9a-f]{32}/',strtolower($text),$re);
if(empty($re))
throw new Exception('error input format!');
$key = $re[0];
for($i=0;$i<16;$i++)
$result[] = hexdec($key[2*$i].$key[2*$i+1]);
return $result;
}
/**将十进制结果包装成16进制字符串输出
* @param $result
* @return string
*/
private function wrapResult($result)
{
$hex_str = '';
foreach($result as $v)
{
$tmp = dechex($v);
$len = strlen($tmp);
if($len==1)//不足两位十六进制的数 在前面补一个0,保证输出也是32个16进制字符
$hex_str .= '0';
$hex_str .= $tmp;
}
return strtoupper($hex_str);
}
/**SM4解密单个片段(128bits)
* @param $text string 32个16进制字符串
* @return string
* @throws Exception
*/
public function decrypt64($text)
{
$x = $re = [];
$t = $this->preProcess($text);
for($i=0;$i<4;$i++)
$x[] = $t[4*$i]<<24 | $t[4*$i+1]<<16 | $t[4*$i+2]<<8 | $t[4*$i+3];
for($k=0;$k<32;$k++)
{
$tmp = $x[$k+1] ^ $x[$k+2] ^ $x[$k+3] ^ $this->skey[31-$k];
$buf = (self::SM4_Sbox[($tmp>>24) & 0xff])<<24 |
(self::SM4_Sbox[($tmp>>16) & 0xff])<<16 |
(self::SM4_Sbox[($tmp>>8) & 0xff])<<8 |
(self::SM4_Sbox[$tmp & 0xff]);
$x[$k+4] = $x[$k] ^ $buf ^ $this->sm4Rotl64($buf,2) ^ $this->sm4Rotl64($buf,10) ^ $this->sm4Rotl64($buf,18) ^ $this->sm4Rotl64($buf,24);
}
for($i=0;$i<4;$i++)
{
$re[] = ($x[35-$i]>>24) & 0xff;
$re[] = ($x[35-$i]>>16) & 0xff;
$re[] = ($x[35-$i]>>8) & 0xff;
$re[] = $x[35-$i] & 0xff;
}
return $this->wrapResult($re);
}
private function decrypt32($text)
{
$x = $re = [];
$t = $this->preProcess($text);
for($i=0;$i<4;$i++)
$x[] = $this->sm4Left($t[4*$i],24) | $this->sm4Left($t[4*$i+1],16) | $this->sm4Left($t[4*$i+2],8) | $t[4*$i+3];
for($k=0;$k<32;$k++)
{
$tmp2 = $x[$k+1] ^ $x[$k+2] ^ $x[$k+3] ^ $this->skey[31-$k];
$box1 = self::SM4_Sbox[$this->sm4Right($tmp2,24) & 0xff];
$box2 = self::SM4_Sbox[$this->sm4Right($tmp2,16) & 0xff];
$box3 = self::SM4_Sbox[$this->sm4Right($tmp2,8 ) & 0xff];
$box4 = self::SM4_Sbox[$tmp2 & 0xff];
$buf = $this->sm4Left($box1,24) | $this->sm4Left($box2,16) | $this->sm4Left($box3,8) | $box4;
$x[$k+4] = $x[$k] ^ $buf ^ $this->sm4Rotl32($buf,2) ^ $this->sm4Rotl32($buf,10) ^ $this->sm4Rotl32($buf,18) ^ $this->sm4Rotl32($buf,24);
}
for($i=0;$i<4;$i++)
{
$re[] = $this->sm4Right($x[35-$i],24) & 0xff;
$re[] = $this->sm4Right($x[35-$i],16) & 0xff;
$re[] = $this->sm4Right($x[35-$i],8 ) & 0xff;
$re[] = $x[35-$i] & 0xff;
}
return $this->wrapResult($re);
}
public function decrypt($text)
{
if(PHP_INT_MAX > 2147483647)
return $this->decrypt64($text);
else
return $this->decrypt32($text);
}
}