[fix] 修正SM4加解密。close: #151

Author: nnhy

NewLife.Core/Security/PKCS7PaddingTransform.cs

@@ -1,5 +1,4 @@
 using System.Security.Cryptography;
-using NewLife.Collections;
 
 namespace NewLife.Security;
 
@@ -114,10 +113,10 @@ public Int32 TransformBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCo
     /// <returns></returns>
     public Byte[] TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
     {
-        if (inputCount == 0) return [];
-
         if (_encryptMode)
         {
+            if (inputCount == 0) return [];
+
             var paddingLength = InputBlockSize - (inputCount % InputBlockSize);
             var paddingValue = _mode switch
             {
@@ -150,6 +149,8 @@ public Byte[] TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 i
         }
         else
         {
+            if (inputCount == 0 && !_hasWithheldBlock) return [];
+
             var data = _transform.TransformFinalBlock(inputBuffer, inputOffset, inputCount);
             if (_hasWithheldBlock)
             {
@@ -165,13 +166,15 @@ public Byte[] TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 i
             var paddingValue = _mode == PaddingMode.ANSIX923 ? 0 : paddingLength;
             var paddingError = 0;
             if (_mode != PaddingMode.ISO10126)
+            {
                 for (var i = OutputBlockSize; i >= 1; i--)
                 {
                     // if i > paddingLength ignore;
                     // if paddingLength != data[data.Length - i] error;
                     var posMask = ~(paddingLength - i) >> 31;
                     paddingError |= (paddingValue ^ data[data.Length - i]) & posMask;
                 }
+            }
 
             if (paddingError != 0 || paddingLength == 0 || paddingLength > OutputBlockSize)
                 throw new CryptographicException("Invalid padding");

NewLife.Core/Security/SM4.cs

@@ -7,6 +7,8 @@
 using System.Buffers.Binary;
 #endif
 
+namespace NewLife.Security;
+
 /// <summary>SM4（国密4）</summary>
 public class SM4 : SymmetricAlgorithm
 {
@@ -244,7 +246,7 @@ public SM4Transform(Byte[] key, Byte[]? iv, Boolean encryptMode)
     }
 
     /// <summary>销毁</summary>
-    public void Dispose() { }
+    void IDisposable.Dispose() { }
     #endregion
 
     /// <summary>块加密数据，传入缓冲区必须是整块数据</summary>

XUnitTest.Core/Security/SM4Tests.cs

@@ -1,11 +1,11 @@
 using System.Security.Cryptography;
 using System.Text;
 using NewLife;
+using NewLife.Security;
+using Org.BouncyCastle.Crypto;
 using Org.BouncyCastle.Crypto.Engines;
 using Org.BouncyCastle.Crypto.Parameters;
-using Org.BouncyCastle.Crypto;
 using Xunit;
-using System;
 
 namespace XUnitTest.Security;
 
@@ -26,6 +26,24 @@ public void SM4_ECB_PKCS7_Test()
         Assert.Equal(text, text3);
     }
 
+    /// <summary>
+    /// https://github.com/NewLifeX/X/issues/151
+    /// </summary>
+    [Fact]
+    public void SM4_ECB_PKCS7_Test_Chinese()
+    {
+        var text = "中国人民万岁";
+        var key = "sasdx-asdas-111".GetBytes();
+
+        var sm4 = SM4.Create();
+        var text2 = sm4.Encrypt(text.GetBytes(), key, CipherMode.ECB, PaddingMode.PKCS7).ToBase64();
+        Assert.Equal("5ivCW7pfHwb8eb0FygSLa1GG7RsVIRF8ymOHZmOS1+A=", text2);
+
+        var sm42 = SM4.Create();
+        var text3 = sm42.Decrypt(text2.ToBase64(), key, CipherMode.ECB, PaddingMode.PKCS7).ToStr();
+        Assert.Equal(text, text3);
+    }
+
     [Fact]
     public void SM4_ECB_Zeros_Test()
     {