card_sm2_key = FBB003171AB2882CEEF1CE20707F5E6DB9DD6E256F529A1F050DD9220655442EB8C66D059406B95208BBE92FFD94DAAB94C5FDD66342E1E5BE0F0C21199B36C31C4DAE3F57FFE6358FE8D775DDF8B7EB46F4C4297A794E58210A4D443810F369
pub = mid( $card_sm2_key, 0, 64 )
pri = mid( $card_sm2_key, 64 )
x = new_sm2_get_pubkey( $pri )
if $x != $pub
?
pause
endif
// 准备一个空的p10证书
p10 = 305E304302010030233111300F06035504030C0862616E6B636F6D6D310E300C060355040A0C05626F636F6D3019301306072A8648CE3D020106082A811CCF5501822D03020000300C06082A811CCF5501837505000309003006020100020100
xpub = 04 $pub
p10 = settlv_bypath( $p10, "/0/0/2/1", 00 $xpub )
// 得到p10主体
p10_main = gettlv_bypath( $p10, "/0/0" )
xlen = strlen( $p10_main )
if $xlen >= 0100
plen = 3082 $xlen
else if $xlen >= 80
plen = 3081 $xlen
else
plen = 30 $xlen
endif
p10_main = $plen $p10_main
// 要对这串数算hash,跟pboc一样, entla, p, a, b
//ZA=SM3[ENTLA || IDA || a || b || xG ||yG || xA || yA]
ENTLA = 00 80
IDA = 3132333435363738 3132333435363738
data_A = FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
data_B = 28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
data_XG = 32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7
data_YG = BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0
tmp = $ENTLA $IDA $data_A $data_B $data_XG $data_YG $pub
ZA = sm3_hash( $tmp )
p10_hash = sm3_hash( $za $p10_main )
p10_rs = new_sm2_sign( $pri, $p10_hash )
r = mid( $p10_rs, 0, 32 )
s = mid( $p10_rs, 32 )
x = getbit( $r, 00, 07, 07 )
if $x == 80
r = 00 $r
endif
x = getbit( $s, 00, 07, 07 )
if $x == 80
s = 00 $s
endif
p10 = settlv_bypath( $p10, "/0/2/0/0", $r )
p10 = settlv_bypath( $p10, "/0/2/0/1", $s )
// 验证p10证书
p10 = 3081DD30818302010030233111300F06035504030C0862616E6B636F6D6D310E300C060355040A0C05626F636F6D3059301306072A8648CE3D020106082A811CCF5501822D03420004FBB003171AB2882CEEF1CE20707F5E6DB9DD6E256F529A1F050DD9220655442EB8C66D059406B95208BBE92FFD94DAAB94C5FDD66342E1E5BE0F0C21199B36C3300C06082A811CCF55018375050003470030440220160DAC8A213BD715AD7DC28A99A9026F5C5494DB0154FA3DBA5D20DF9263AAAB02201F6605E335DC4173D0178C36DD2C91929A6F55D727140157F4027E568D9A4043
// 得到p10主体
p10_main = gettlv_bypath( $p10, "/0/0" )
xlen = strlen( $p10_main )
if $xlen >= 0100
plen = 3082 $xlen
else if $xlen >= 80
plen = 3081 $xlen
else
plen = 30 $xlen
endif
p10_main = $plen $p10_main
p10_pub = gettlv_bypath( $p10, "/0/0/2/1" )
pub = right( $p10_pub, 64 )
// 要对这串数算hash,跟pboc一样, entla, p, a, b
//ZA=SM3[ENTLA || IDA || a || b || xG ||yG || xA || yA]
ENTLA = 00 80
IDA = 3132333435363738 3132333435363738
data_A = FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
data_B = 28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
data_XG = 32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7
data_YG = BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0
tmp = $ENTLA $IDA $data_A $data_B $data_XG $data_YG $pub
ZA = sm3_hash( $tmp )
p10_hash = sm3_hash( $za $p10_main )
r = gettlv_bypath( $p10, "/0/2/0/0" )
s = gettlv_bypath( $p10, "/0/2/0/1")
r = right( $r, 32 )
s = right( $s, 32 )
x = new_sm2_verify( $pub, $p10_hash, $r $s )
if $x != 00
? "p10证书错误"
pause
else
? "p10证书正确"
endif