first commit

pgserver/vendor/lpilp/guomi/test/data/rsa.pem

@@ -0,0 +1,16 @@
+-----BEGIN PRIVATE KEY-----
+MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALjnVY4j/UG0tJ5o
+HZclp1R1+HsCQmUctzPiN5VO56ZYuFP4T3oDhVkmWReL52WGaKYGrxJymqM6mPt8
+C3AXNd/KGTpZtXaoBvjK21nPmgDpo6m5nifi+IQTXmjrwDPErr0yIrAvDMP+3wQl
+w/WJTXVMJb074bYpytmx9WXL2mRTAgMBAAECgYB8/TuTKvbOTKXvkne2LWjQKjK+
+jAdvrBqXQurJzh2/D6gCcw7ebrTcT5TX2uWfdl0VJd2AfeHURw8UqIRe0AHEzj98
+yLF4DNgJRbGLCbJm67idyt41E+jnc6zrboLmpOkQ0njYibNulqgbJQ2DaFhnoLI1
+1CoPW383WxUfV6LquQJBAPLbtfPs+tKrun7zOaJ0GWMYRZBFxVNKE9EQS4X2pg+g
+NHo+b3bNPPoE66Ug+D69R1AYKC7QkP/zvXqT8dC1UVcCQQDC6MjeJqX4M4C9sfm6
+x75VqmKNX6qaXzv28wrtMk7anSiR7YQUCs0kchHQz8hpYb+SQio4DhRYJyDHnO+f
+V/tlAkEAl33IbYVpHNs0tZYhYJ4NbAwq8IklQwRVgjco9ULbaankslCaFUCHhepl
+2BbN480MXAEFp9ZAbPjtPDZnRGqmdwJARxy1hM/nCAqKcyuHKM2NtSWoNVptHUuX
+zj7YgrgzKvHiBnP5F3Lla+GufFgDD+fZBFzdmHwSkiMcg5fPmXx5PQJAfKdeiisM
+1qDcCIFgHSD8JX3Di/oKPF/zyZ3dgFDC8SfqHh/0UuF3WBNUFHpHCO8CoZS/QioK
+YKN9KVMfaZThsw==
+-----END PRIVATE KEY-----

pgserver/vendor/lpilp/guomi/test/data/rsapub.pem

@@ -0,0 +1,6 @@
+-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC451WOI/1BtLSeaB2XJadUdfh7
+AkJlHLcz4jeVTuemWLhT+E96A4VZJlkXi+dlhmimBq8ScpqjOpj7fAtwFzXfyhk6
+WbV2qAb4yttZz5oA6aOpuZ4n4viEE15o68AzxK69MiKwLwzD/t8EJcP1iU11TCW9
+O+G2KcrZsfVly9pkUwIDAQAB
+-----END PUBLIC KEY-----

pgserver/vendor/lpilp/guomi/test/data/sm2.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIDMLq58c/Ox37b0NA4Ok65BcRRG+OmF1O+LtAIwRvmm8oAoGCCqBHM9V
+AYItoUQDQgAEyqo4GGHqDU6XIBpDCzEfi7Z2EpUzmU/s46pJioQkd7tNYAb3Em2J
+JJRFMK4l6WPlGze3zC66NaRZuyBagjDiVQ==
+-----END EC PRIVATE KEY-----

pgserver/vendor/lpilp/guomi/test/data/sm2_cs8.pem

@@ -0,0 +1,6 @@
+-----BEGIN PRIVATE KEY-----
+MIGTAgEAMBMGByqGSM49AgEGCCqBHM9VAYItBHkwdwIBAQQgHaEvjmM9ZMt0xCHT
+Y65RBRkWxY9bBfl/Fag0bvP1r9OgCgYIKoEcz1UBgi2hRANCAATQeZSDbPzUA57d
+UZTQBjdiY36CNk6ecsEuMvG3XpNxoJzome32RDEUkDc/qihPAmHaK48SCuVaoG5B
+Hk+QBDaJ
+-----END PRIVATE KEY-----

pgserver/vendor/lpilp/guomi/test/data/sm2pub.pem

@@ -0,0 +1,4 @@
+-----BEGIN PUBLIC KEY-----
+MFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEyqo4GGHqDU6XIBpDCzEfi7Z2EpUz
+mU/s46pJioQkd7tNYAb3Em2JJJRFMK4l6WPlGze3zC66NaRZuyBagjDiVQ==
+-----END PUBLIC KEY-----

pgserver/vendor/lpilp/guomi/test/openssl_encryptsm2.php

@@ -0,0 +1,40 @@
+<?php
+// 说明： PHP自带的函数好像不支持椭圆相关的非对称加密,只支持rsa
+
+$prifile = 'data/sm2.pem';
+$pubfile = 'data/sm2pub.pem';
+
+$prifile = 'data/rsa.pem';
+$pubfile = 'data/rsapub.pem';
+
+$data = "I love you!";
+
+$priKey = openssl_pkey_get_private(file_get_contents($prifile));
+$pubKey = openssl_pkey_get_public(file_get_contents($pubfile));
+// var_dump($priKey);die();
+// print_r(openssl_get_md_methods());
+openssl_sign($data,$sign,$priKey,'sha256');
+
+openssl_sign($data,$sign2,$priKey,'sha256WithRSAEncryption');
+
+echo bin2hex($sign) ."\n";
+echo bin2hex($sign2) ."\n";
+
+
+
+exit();
+
+echo "----------以下rsa的加解密----------------\n";
+$res = openssl_private_encrypt($data, $encrypted, $priKey);
+echo bin2hex($encrypted)."\n--------------------------\n";
+
+$res = openssl_public_decrypt($encrypted,$decryptd,$pubKey);
+
+echo $decryptd."\n--------------------------\n";
+if($decryptd == $data){
+    echo "good !!!";
+} else {
+    echo "bad !!!";
+}
+
+

pgserver/vendor/lpilp/guomi/test/openssl_tsm2.php

@@ -0,0 +1,21 @@
+<?php
+// openssl支持密码对的生成
+// 但未支持解签名,证书颁发，openssl 1.1.1 版本目前 不支持 sm3withsm2, 因为sm3withsm2的算法，与普通的sha256 with ecdsa的椭圆算法不一样
+// git上有相关的gmssl或是tassl的基于openssl开发会支持，需要安装然后替换掉当前的openssl, 并且将替换的openssl用源码方式编译到PHP中，较麻烦
+// 操作请参考: http://gmssl.org/docs/php-api.html
+
+// 生成密码对
+$config = array(
+    "private_key_type" => OPENSSL_KEYTYPE_EC,
+    "curve_name" => "SM2"
+);
+$sslconf = "/usr/local/php/extras/openssl/openssl.cnf";
+$config['config'] = $sslconf;
+$prikey = openssl_pkey_new($config);
+openssl_pkey_export($prikey, $prikeypem,null,$config);
+echo $prikeypem."\n";
+$pubkeypem = openssl_pkey_get_details($prikey)["key"];
+echo $pubkeypem."\n";
+
+
+

pgserver/vendor/lpilp/guomi/test/openssl_tsm3.php

@@ -0,0 +1,3 @@
+<?php
+$msg = '我爱你ILOVEYOU!';
+echo openssl_digest($msg, 'sm3');

pgserver/vendor/lpilp/guomi/test/openssl_tsm4.php

@@ -0,0 +1,41 @@
+<?php
+/**
+ * openssl 1.1.1 已支持以下加密算法
+ * aes-128-cbc,aes-128-cbc-hmac-sha1,aes-128-cbc-hmac-sha256,aes-128-ccm,aes-128-cfb,aes-128-cfb1,aes-128-cfb8,aes-128-ctr,aes-128-ecb,aes-128-gcm,aes-128-ocb,aes-128-ofb,aes-128-xts,aes-192-cbc,aes-192-ccm,aes-192-cfb,aes-192-cfb1,aes-192-cfb8,aes-192-ctr,aes-192-ecb,aes-192-gcm,aes-192-ocb,aes-192-ofb,aes-256-cbc,aes-256-cbc-hmac-sha1,aes-256-cbc-hmac-sha256,aes-256-ccm,aes-256-cfb,aes-256-cfb1,aes-256-cfb8,aes-256-ctr,aes-256-ecb,aes-256-gcm,aes-256-ocb,aes-256-ofb,aes-256-xts,aes128,aes128-wrap,aes192,aes192-wrap,aes256,aes256-wrap,aria-128-cbc,aria-128-ccm,aria-128-cfb,aria-128-cfb1,aria-128-cfb8,aria-128-ctr,aria-128-ecb,aria-128-gcm,aria-128-ofb,aria-192-cbc,aria-192-ccm,aria-192-cfb,aria-192-cfb1,aria-192-cfb8,aria-192-ctr,aria-192-ecb,aria-192-gcm,aria-192-ofb,aria-256-cbc,aria-256-ccm,aria-256-cfb,aria-256-cfb1,aria-256-cfb8,aria-256-ctr,aria-256-ecb,aria-256-gcm,aria-256-ofb,aria128,aria192,aria256,bf,bf-cbc,bf-cfb,bf-ecb,bf-ofb,blowfish,camellia-128-cbc,camellia-128-cfb,camellia-128-cfb1,camellia-128-cfb8,camellia-128-ctr,camellia-128-ecb,camellia-128-ofb,camellia-192-cbc,camellia-192-cfb,camellia-192-cfb1,camellia-192-cfb8,camellia-192-ctr,camellia-192-ecb,camellia-192-ofb,camellia-256-cbc,camellia-256-cfb,camellia-256-cfb1,camellia-256-cfb8,camellia-256-ctr,camellia-256-ecb,camellia-256-ofb,camellia128,camellia192,camellia256,cast,cast-cbc,cast5-cbc,cast5-cfb,cast5-ecb,cast5-ofb,chacha20,chacha20-poly1305,des,des-cbc,des-cfb,des-cfb1,des-cfb8,des-ecb,des-ede,des-ede-cbc,des-ede-cfb,des-ede-ecb,des-ede-ofb,des-ede3,des-ede3-cbc,des-ede3-cfb,des-ede3-cfb1,des-ede3-cfb8,des-ede3-ecb,des-ede3-ofb,des-ofb,des3,des3-wrap,desx,desx-cbc,id-aes128-CCM,id-aes128-GCM,id-aes128-wrap,id-aes128-wrap-pad,id-aes192-CCM,id-aes192-GCM,id-aes192-wrap,id-aes192-wrap-pad,id-aes256-CCM,id-aes256-GCM,id-aes256-wrap,id-aes256-wrap-pad,id-smime-alg-CMS3DESwrap,idea,idea-cbc,idea-cfb,idea-ecb,idea-ofb,rc2,rc2-128,rc2-40,rc2-40-cbc,rc2-64,rc2-64-cbc,rc2-cbc,rc2-cfb,rc2-ecb,rc2-ofb,rc4,rc4-40,rc4-hmac-md5,seed,seed-cbc,seed-cfb,seed-ecb,seed-ofb,
+ * sm4,sm4-cbc,sm4-cfb,sm4-ctr,sm4-ecb,sm4-ofb
+ * 其中支持sm4相关的各种算法模式,缺省使用的是cbc算法
+ * 加密串短可以使用ecb，计算速度快，串长的话ecb的扩散性差，安全性不足，就使用带向量的其他算法如cbc
+ */
+// echo implode(',',openssl_get_cipher_methods(true));
+
+// $ivlen = openssl_cipher_iv_length("sm4");
+// $iv = openssl_random_pseudo_bytes($ivlen);
+// sm4的iv长度是16字符
+$key = "0123456789abcdef";
+$iv = "1234567887654321"; 
+
+$data = '我爱你ILOVEYOU!';
+
+//  openssl_encrypt($plaintext, "sms4", $key, $options=0, $iv);
+// options = 0 base64, 1( OPENSSL_RAW_DATA ):原始二进制 , 这里为了与tsm4对比，就使用hex方式
+// sm4-ecb算法
+$ciphertext =openssl_encrypt($data, "sm4-ecb", $key, $options=OPENSSL_RAW_DATA);
+$enc = bin2hex($ciphertext);
+echo "encrypt: $enc\n";
+$original_plaintext = openssl_decrypt($ciphertext, "sm4-ecb", $key, $options=OPENSSL_RAW_DATA);
+echo "encrypt: $original_plaintext\n";
+
+// 缺省的sm4算法，使用的是sm4-cbc模式
+$ciphertext =openssl_encrypt($data, "sm4", $key, $options=OPENSSL_RAW_DATA,$iv);
+// $ciphertext =openssl_encrypt($data, "sm4-cbc", $key, $options=OPENSSL_RAW_DATA,$iv);  //这两个是一样的
+$enc = bin2hex($ciphertext);
+echo "encrypt: $enc\n";
+$original_plaintext = openssl_decrypt($ciphertext, "sm4", $key, $options=OPENSSL_RAW_DATA,$iv);
+echo "encrypt: $original_plaintext\n";
+
+// sm4-cfb,sm4-ctr,sm4-ofb 的使用方法一样
+$ciphertext =openssl_encrypt($data, "sm4-cfb", $key, $options=OPENSSL_RAW_DATA,$iv);
+$enc = bin2hex($ciphertext);
+echo "encrypt: $enc\n";
+$original_plaintext = openssl_decrypt($ciphertext, "sm4-cfb", $key, $options=OPENSSL_RAW_DATA,$iv);
+echo "encrypt: $original_plaintext\n";

pgserver/vendor/lpilp/guomi/test/tfsign.php

@@ -0,0 +1,24 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\util\FormatSign;
+
+$goodSign = 'MEUCIQDWveKrtx6VrosnYQHNBnRjolrlmi/mHwMWKU4bDxakQwIgfSX20s+Ci1SvFQBgx+kRMU3Z1xbHtT0kpZfAXVH8poc=';
+$badSign  = 'MEYCIQDWveKrtx6VrosnYQHNBnRjolrlmi/mHwMWKU4bDxakQwIhAH0l9tLPgotUrxUAYMfpETFN2dcWx7U9JKWXwF1R/KaH';
+
+$fs = new FormatSign();
+$newSign = $fs->run($badSign);
+
+echo $newSign."\n";
+
+if ($newSign == $goodSign) {
+    echo "OK";
+} else {
+    echo "Bad";
+}
+echo "\n=========\n";
+//good 补0，
+$goodSign2 = "MEMCHx7T5iZF+kfk0mNDxVOX2ZOytWjcFBDCRMyUZsvdk\/8CICOZz0A91TlSbZWAhs8J24nWT35l1Su8zegr+vomI9P+";
+echo (bin2hex(base64_decode($goodSign2)));
+echo "\n";
+$newSign2 = $fs->format_cmbc($goodSign2);
+echo (bin2hex(base64_decode($newSign2)));

pgserver/vendor/lpilp/guomi/test/tsm2.php

@@ -0,0 +1,41 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\sm\RtSm2;
+
+$publicKey = '043d9d4cc71a285af936b36880fd4d6155c22957cd2c84ea313469065207fb951b9ef1db79d69af8886e91e833da1ebc6bfdde86e70f52923d6e042eaa147624c7'; // 公钥
+$privateKey = 'a7763cd4fe7db2a2146fc09bf2d5e5a30e10c51b7e4bed00b3a26ec79ba78ff3'; // 私钥
+$publicfile = "./data/sm2pub.pem";
+$privatefile = "./data/sm2.pem";
+$userId = '1234567812345678';
+$document = "我爱你ILOVEYOU!";
+
+define('GK',1);
+define('SIGN',1);
+define('SIGNPEM',1);
+//返回的签名16进制还是base64, 目前可选hex,与base64两种
+// __construct($formatSign='hex', $randFixed = true) 
+$sm2 = new RtSm2('base64',true);
+
+
+if(GK){
+    echo "\n----------生成明文密钥对--------------------------\n";
+    print_r($sm2->generatekey()); //生成明文密钥
+    echo "\n----------生成pem密钥对--------------------------\n";
+    print_r($sm2->generatePemkey()); //生成pem密钥，请放到相应的文件中
+}
+
+if(SIGN){
+    echo "\n---------明文密钥签名---------------------------\n";
+    $sign = $sm2->doSign( $document, $privateKey, $userId);
+    print_r($sign);
+    echo "\n---------明文密钥验签---------------------------\n";
+    var_dump($sm2->verifySign( $document, $sign, $publicKey, $userId ));
+}
+
+if(SIGNPEM){
+    echo "\n---------PEM密钥签名---------------------------\n";
+    $sign = $sm2->doSignOutKey( $document, $privatefile, $userId);
+    print_r($sign);
+    echo "\n---------PEM密钥验签---------------------------\n";
+    var_dump($sm2->verifySignOutKey( $document, $sign, $publicfile, $userId ));
+}

pgserver/vendor/lpilp/guomi/test/tsm2_encrypt.php

@@ -0,0 +1,39 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\sm\RtSm2;
+$sm2 = new RtSm2();
+$publicKey = '043d9d4cc71a285af936b36880fd4d6155c22957cd2c84ea313469065207fb951b9ef1db79d69af8886e91e833da1ebc6bfdde86e70f52923d6e042eaa147624c7'; // 公钥
+$privateKey = 'a7763cd4fe7db2a2146fc09bf2d5e5a30e10c51b7e4bed00b3a26ec79ba78ff3'; // 私钥
+
+$document = str_repeat('abcdef',10);
+// sm2的非对称加解密，不建议加密太长的字符串
+echo "原始: $document";
+$m2EncryptData = $sm2 ->doEncrypt($document, $publicKey);
+echo ("\n加密后: ".$m2EncryptData);
+$m2DecryptData = $sm2->doDecrypt($m2EncryptData,$privateKey);
+echo ("\n解密后:".$m2DecryptData);
+echo "\n------------------------------------------------------------------\n";
+$document = "我爱你ILOVEYOU!";
+echo "\n原始: $document";
+$m2EncryptData = $sm2 ->doEncrypt($document, $publicKey);
+echo ("\n加密后: ".$m2EncryptData);
+$m2DecryptData = $sm2->doDecrypt($m2EncryptData,$privateKey);
+
+echo ("\n解密后: ".$m2DecryptData);
+echo "\n------------------以上是标准的 c1c3c2 串----------------------------\n";
+// define("C1C3C2",1);
+// define("C1C2C3",0);
+// doEncrypt($document, $publicKey, $model = C1C3C2), 
+// trim是如果加密后前面带着04就去掉
+// doDecrypt($encryptData,$privateKey,$trim = true,$model = C1C3C2)
+echo "\n------------------以下是使用 c1c2c3 串可对比上面生成------------------\n";
+
+
+$document = "我爱你ILOVEYOU!";
+echo "\n原始: $document";
+$m2EncryptData = $sm2 ->doEncrypt($document, $publicKey,C1C2C3);
+echo ("\n加密后: ".$m2EncryptData);
+$m2DecryptData = $sm2->doDecrypt($m2EncryptData,$privateKey,1,C1C2C3);
+echo ("\n解密后: ".$m2DecryptData);
+
+

pgserver/vendor/lpilp/guomi/test/tsm3.php

@@ -0,0 +1,6 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\sm\RtSm3;
+$sm3 = new RtSm3();
+$data = '我爱你ILOVEYOU!';
+print_r($sm3->digest($data,1));

pgserver/vendor/lpilp/guomi/test/tsm4.php

@@ -0,0 +1,35 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\sm\RtSm4;
+
+$key = "0123456789abcdef";
+$iv = '1234567887654321';
+
+$sm4 = new RtSm4($key);
+
+$data = '我1爱你ILOVEYOU!!!';
+$data = str_repeat('abc',7);
+//sm4 的ecb 与cbc加密有补齐（16*n）l
+// sm4->encrypt($data, $type = 'sm4', $iv = '', $format = 'hex')
+//  openssl_encrypt ,和服务器openssl版本，PHP版本有关，有些服务器可能不支持sm4-* 相关的对称加密算法，
+
+
+echo "==== test sm4 sm4-cbc============";
+echo "\nphp sm4:     ".$hex = $sm4->encrypt($data,'sm4',$iv); //default is cbc
+echo "\nphp decode:  ".$sm4->decrypt($hex,'sm4',$iv,'hex');
+
+echo "\n==== test sm4-ecb============";
+echo "\nphp sm4-ecb: ".$hex = $sm4->encrypt($data,'sm4-ecb');
+echo "\nphp decode:  ".$sm4->decrypt($hex,'sm4-ecb','','hex');
+
+echo "\n==== test sm4-ofb============";
+echo "\nphp sm4-ofb: ".$hex = $sm4->encrypt($data,'sm4-ofb',$iv);
+echo "\nphp decode:  ".$sm4->decrypt($hex,'sm4-ofb',$iv,'hex');
+
+echo "\n==== test sm4-cfb============";
+echo "\nphp sm4-cfb: ".$hex = $sm4->encrypt($data,'sm4-cfb',$iv);
+echo "\nphp decode:  ".$sm4->decrypt($hex,'sm4-cfb',$iv,'hex');
+
+echo "\n==== test sm4-ctr============";
+echo "\nphp sm4-ctr: ".$hex = $sm4->encrypt($data,'sm4-ctr',$iv);
+echo "\nphp decode:  ".$sm4->decrypt($hex,'sm4-ctr',$iv,'hex');

pgserver/vendor/lpilp/guomi/test/ttsm2.php

@@ -0,0 +1,28 @@
+<?php
+require_once '../vendor/autoload.php';
+use Rtgm\sm\RtSm2;
+
+$publicKey = '043d9d4cc71a285af936b36880fd4d6155c22957cd2c84ea313469065207fb951b9ef1db79d69af8886e91e833da1ebc6bfdde86e70f52923d6e042eaa147624c7'; // 公钥
+$privateKey = 'a7763cd4fe7db2a2146fc09bf2d5e5a30e10c51b7e4bed00b3a26ec79ba78ff3'; // 私钥
+$publicfile = "./data/sm2pub.pem";
+$privatefile = "./data/sm2.pem";
+$userId = '1234567812345678';
+$document = "我爱你ILOVEYOU!";
+
+define('GK',1);
+define('SIGN',1);
+define('SIGNPEM',1);
+//返回的签名16进制还是base64, 目前可选hex,与base64两种
+// __construct($formatSign='hex', $randFixed = true) 
+$sm2 = new RtSm2('base64',true);
+
+
+
+if(SIGN){
+    echo "\n---------明文密钥签名---------------------------\n";
+    $sign = $sm2->doSign( $document, $privateKey, $userId);
+    print_r($sign);
+    echo "\n---------明文密钥验签---------------------------\n";
+    var_dump($sm2->verifySign( $document, $sign, $publicKey, $userId ));
+}
+