pohoc/crypto-sm

国密算法 SM2、SM3 和 SM4 的 PHP 版实现

Maintainers

Package info

github.com/pohoc/crypto-sm

pkg:composer/pohoc/crypto-sm

Statistics

Installs: 86

Dependents: 2

Suggesters: 1

Stars: 1

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

v0.0.3 2026-04-09 02:53 UTC

Requires

  • php: ^8.0|^8.1|^8.2|^8.3|^8.4|^8.5
  • ext-gmp: *
  • ext-openssl: *

Requires (Dev)

MIT 2dadf64471d740613fe258875302d1045f4e1bbf

  • pohoc <po.hoc4.woop@gmail.com>

encryptioncryptogmsm2sm3sm4国密

This package is auto-updated.

Last update: 2026-04-09 02:55:34 UTC

README

PHP Version License

国密算法 SM2、SM3、SM4 的 PHP 实现。

安装

composer require pohoc/crypto-sm

环境要求

  • PHP 8.0 ~ 8.5
  • GMP 扩展
  • OpenSSL 扩展

安装 GMP 扩展

Ubuntu/Debian:

sudo apt-get install php-gmp

CentOS/RHEL:

sudo yum install php-gmp

macOS (Homebrew):

brew install php@gmp

Windows: 在 php.ini 中启用 php_gmp.dll 扩展(取消注释):

extension=php_gmp.dll

验证安装:

<?php
var_dump(extension_loaded('gmp'));

支持的算法

SM2

中国椭圆曲线公钥密码算法 (GM/T 0003-2012)

  • 密钥生成
  • 加密/解密
  • 签名/验签

SM3

中国密码杂凑算法 (GM/T 0004-2012)

  • 哈希计算

SM4

中国分组密码算法 (GM/T 0002-2012)

  • 加密/解密
  • ECB/CBC 模式
  • PKCS5/PKCS7 填充

快速开始

SM2

use CryptoSm\SM2\Sm2;
use CryptoSm\SM2\Keypair;
use CryptoSm\SM2\SignatureOptions;

// 生成密钥对
$keypair = Sm2::generateKeyPairHex();
$privateKey = $keypair->getPrivateKey();
$publicKey = $keypair->getPublicKey();

// 加密
$ciphertext = Sm2::doEncrypt('Hello World', $publicKey);

// 解密
$plaintext = Sm2::doDecrypt($ciphertext, $privateKey);

// 签名(不哈希)
$signature = Sm2::doSignature('Message', $privateKey);
$isValid = Sm2::doVerifySignature('Message', $signature, $publicKey);

// 签名(哈希并指定用户 ID)
$options = (new SignatureOptions())
    ->setHash(true)
    ->setPublicKey($publicKey);
$signature = Sm2::doSignature('Message', $privateKey, $options);
$isValid = Sm2::doVerifySignature('Message', $signature, $publicKey, $options);

// DER 格式签名
$options = (new SignatureOptions())->setDer(true);
$signature = Sm2::doSignature('Message', $privateKey, $options);
$isValid = Sm2::doVerifySignature('Message', $signature, $publicKey, $options);

SM3

use CryptoSm\SM3\Sm3;

$hash = Sm3::sm3('Hello World');

SM4

use CryptoSm\SM4\Sm4;
use CryptoSm\SM4\Sm4Options;

$key = '0123456789abcdeffedcba9876543210'; // 32 位十六进制,128 bit
$data = 'Hello World';

// CBC 模式(默认),需提供 32 位十六进制 IV
$iv  = '000102030405060708090a0b0c0d0e0f';
$options = (new Sm4Options())->setIv($iv);
$ciphertext = Sm4::encrypt($data, $key, $options);
$plaintext = Sm4::decrypt($ciphertext, $key, $options);

// ECB 模式(不推荐,仅用于兼容旧系统)
$options = (new Sm4Options())->setMode(Sm4::MODE_ECB);
$ciphertext = Sm4::encrypt($data, $key, $options);
$plaintext = Sm4::decrypt($ciphertext, $key, $options);

使用 SmCrypto 门面类

use CryptoSm\SmCrypto;

// SM2
$keypair = SmCrypto::generateKeyPair();
$ciphertext = SmCrypto::encrypt($data, $publicKey);
$plaintext = SmCrypto::decrypt($ciphertext, $privateKey);
$signature = SmCrypto::sign($data, $privateKey);
$isValid = SmCrypto::verify($data, $signature, $publicKey);

// SM3
$hash = SmCrypto::sm3($data);

// SM4
$ciphertext = SmCrypto::sm4Encrypt($data, $key);
$plaintext = SmCrypto::sm4Decrypt($ciphertext, $key);

测试

composer install
vendor/bin/phpunit

代码质量

# 静态分析
vendor/bin/phpstan analyse

# 代码风格检查
vendor/bin/php-cs-fixer fix --dry-run --diff

# 代码风格修复
vendor/bin/php-cs-fixer fix

# 一键检查全部
composer check

文档

许可证

MIT