From 4f8a7c05249f0c1adc9214a6d2a978c21a48e97c Mon Sep 17 00:00:00 2001
From: dap <15891557205@163.com>
Date: Sat, 23 Aug 2025 18:36:02 +0800
Subject: [PATCH] =?UTF-8?q?refactor:=20sm4/sm2=E5=8A=A0=E8=A7=A3=E5=AF=86?=
 =?UTF-8?q?=E9=80=BB=E8=BE=91=E4=BC=98=E5=8C=96?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 packages/utils/src/encryption/impl/sm2.ts | 23 ++++++++++++++++++++---
 packages/utils/src/encryption/impl/sm4.ts | 10 ++++++++--
 2 files changed, 28 insertions(+), 5 deletions(-)

diff --git a/packages/utils/src/encryption/impl/sm2.ts b/packages/utils/src/encryption/impl/sm2.ts
index 3ebc49f7..df53c1d8 100644
--- a/packages/utils/src/encryption/impl/sm2.ts
+++ b/packages/utils/src/encryption/impl/sm2.ts
@@ -1,3 +1,4 @@
+/* eslint-disable prefer-template */
 /* eslint-disable no-console */
 import { sm2 } from 'sm-crypto';
 
@@ -9,12 +10,28 @@ import { BaseAsymmetricEncryption } from '../base';
  * @see https://tool.hiofd.com/sm2-key-gen/ 这里可以生成04开头的SM2密钥对
  */
 export class Sm2Encryption extends BaseAsymmetricEncryption {
-  override decrypt(str: string): string {
-    return sm2.doDecrypt(str, this.privateKey);
+  override decrypt(hexStr: string): string {
+    /**
+     * 后端必须使用`EncryptUtils.encryptBySm2Hex`来加密而不是base64
+     * 后端返回会固定带04前缀 需要去除
+     *
+     * @see https://github.com/JuneAndGreen/sm-crypto?tab=readme-ov-file#%E5%8A%A0%E5%AF%86%E8%A7%A3%E5%AF%86
+     * ps：密文会在解密时自动补充 04，如遇到其他工具补充的 04 需手动去除再传入。
+     */
+    if (hexStr.startsWith('04')) {
+      hexStr = hexStr.slice(2);
+    }
+    return sm2.doDecrypt(hexStr, this.privateKey);
   }
 
   override encrypt(str: string): string {
-    return sm2.doEncrypt(str, this.publicKey);
+    /**
+     * sm2解密有千分之几的错误，报异常java.lang.IllegalArgumentException: Invalid point coordinates
+     * @see https://github.com/chinabugotech/hutool/issues/3262
+     *
+     * 固定加上04前缀 避免出现上述问题
+     */
+    return '04' + sm2.doEncrypt(str, this.publicKey);
   }
 }
 
diff --git a/packages/utils/src/encryption/impl/sm4.ts b/packages/utils/src/encryption/impl/sm4.ts
index 6995c442..78378bfd 100644
--- a/packages/utils/src/encryption/impl/sm4.ts
+++ b/packages/utils/src/encryption/impl/sm4.ts
@@ -7,10 +7,16 @@ import { BaseSymmetricEncryption } from '../base';
  * SM4 实现
  */
 export class Sm4Encryption extends BaseSymmetricEncryption {
-  override decrypt(data: string, key: string): string {
+  /**
+   * 解密 data必须为hex字符串 可使用后端EncryptUtils.encryptBySm4Hex来加密
+   * @param hexString 待解密数据 只接受hex类型的字符串
+   * @param key 秘钥
+   * @returns result
+   */
+  override decrypt(hexString: string, key: string): string {
     this.checkKey(key);
     const keyHex = CryptoJS.enc.Hex.stringify(CryptoJS.enc.Utf8.parse(key));
-    return sm4.decrypt(data, keyHex);
+    return sm4.decrypt(hexString, keyHex);
   }
 
   override encrypt(data: string, key: string): string {