上周折腾加密与解密,用了openssl, crypto++, polarssl, cyassl, 说起真的让人很沮丧,只有openssl & polarssl两个库的RSA & AES 加密和解密,我用起来了,crypto++各种模板,各种多继承,看的头大,而且对各种常用的加密算法也不了解,所以这个库我在折腾了一天之后就放弃了;cyassl这个库现在没什么印象了;openssl没什么好说的,用起来很方便,尤其是使用win32openssl,都不用自己编译,下载下来安装好了就能用,着实方便;但是我是要在移动终端使用RSA & AES,研究了半天怎么只使用openssl的源代码,发现还真是麻烦;总之呢,现在我决定使用polarssl,接口简单易用,而且使用源代码进行编译,都是C文件,肯定是跨平台的了,很小,很精悍,下面帖出使用polarssl实现的RSA & AES加密和解密的过程,便于日后直接使用
1 #include <stdio.h> 2 #include <stdlib.h> 3 #include <assert.h> 4 #include <string> 5 6 #include "polarssl/entropy.h" 7 #include "polarssl/ctr_drbg.h" 8 #include "polarssl/rsa.h" 9 #include "polarssl/aes.h" 10 11 const unsigned int RSA_KEY_SIZE = 1024; // RSA 公钥的位数 12 const unsigned int AES_KEY_SIZE = 256; 13 const unsigned int EXPONENT = 65537; 14 const unsigned int BUFFER_SIZE = 1024; 15 16 class rsa 17 { 18 public: 19 rsa() 20 { 21 memset(rsa_n, 0, BUFFER_SIZE); 22 memset(rsa_e, 0, BUFFER_SIZE); 23 memset(rsa_d, 0, BUFFER_SIZE); 24 memset(rsa_p, 0, BUFFER_SIZE); 25 memset(rsa_q, 0, BUFFER_SIZE); 26 memset(rsa_dp, 0, BUFFER_SIZE); 27 memset(rsa_dq, 0, BUFFER_SIZE); 28 memset(rsa_qp, 0, BUFFER_SIZE); 29 } 30 31 unsigned char rsa_n[BUFFER_SIZE]; 32 unsigned char rsa_e[BUFFER_SIZE]; 33 unsigned char rsa_d[BUFFER_SIZE]; 34 unsigned char rsa_p[BUFFER_SIZE]; 35 unsigned char rsa_q[BUFFER_SIZE]; 36 unsigned char rsa_dp[BUFFER_SIZE]; 37 unsigned char rsa_dq[BUFFER_SIZE]; 38 unsigned char rsa_qp[BUFFER_SIZE]; 39 40 unsigned int n_len = BUFFER_SIZE; 41 unsigned int e_len = BUFFER_SIZE; 42 unsigned int d_len = BUFFER_SIZE; 43 unsigned int p_len = BUFFER_SIZE; 44 unsigned int q_len = BUFFER_SIZE; 45 unsigned int dp_len = BUFFER_SIZE; 46 unsigned int dq_len = BUFFER_SIZE; 47 unsigned int qp_len = BUFFER_SIZE; 48 }; 49 50 void generate_rsa(rsa& r) 51 { 52 // 生成RSA密钥对 53 rsa_context rsa; 54 entropy_context entropy; 55 ctr_drbg_context ctr_drbg; 56 57 entropy_init(&entropy); 58 59 assert(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, nullptr, 0) == 0); 60 61 rsa_init(&rsa, RSA_PKCS_V15, 0); 62 63 assert(rsa_gen_key(&rsa, ctr_drbg_random, &ctr_drbg, RSA_KEY_SIZE, EXPONENT) == 0); 64 65 assert(mpi_write_binary(&rsa.N, r.rsa_n, BUFFER_SIZE) == 0); 66 assert(mpi_write_binary(&rsa.E, r.rsa_e, BUFFER_SIZE) == 0); 67 assert(mpi_write_binary(&rsa.D, r.rsa_d, BUFFER_SIZE) == 0); 68 assert(mpi_write_binary(&rsa.P, r.rsa_p, BUFFER_SIZE) == 0); 69 assert(mpi_write_binary(&rsa.Q, r.rsa_q, BUFFER_SIZE) == 0); 70 assert(mpi_write_binary(&rsa.DP, r.rsa_dp, BUFFER_SIZE) == 0); 71 assert(mpi_write_binary(&rsa.DQ, r.rsa_dq, BUFFER_SIZE) == 0); 72 assert(mpi_write_binary(&rsa.QP, r.rsa_qp, BUFFER_SIZE) == 0); 73 74 //puts(r.rsa_n); 75 //puts(r.rsa_e); 76 } 77 78 // 加密 79 void encrypt( 80 const rsa &r, 81 const unsigned char* plaintext, 82 unsigned int plaintext_size, 83 unsigned char *ciphertext, 84 unsigned int &ciphertext_size) 85 { 86 rsa_context rsa; 87 entropy_context entropy; 88 ctr_drbg_context ctr_drbg; 89 90 entropy_init(&entropy); 91 assert(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, nullptr, 0) == 0); 92 93 rsa_init(&rsa, RSA_PKCS_V15, 0); 94 95 assert(mpi_read_binary(&rsa.N, r.rsa_n, BUFFER_SIZE) == 0); 96 assert(mpi_read_binary(&rsa.E, r.rsa_e, BUFFER_SIZE) == 0); 97 98 rsa.len = (mpi_msb(&rsa.N) + 7) >> 3; 99 100 assert(rsa_pkcs1_encrypt(&rsa, ctr_drbg_random, &ctr_drbg, RSA_PUBLIC, plaintext_size, plaintext, ciphertext) == 0); 101 } 102 103 // 解密 104 void decrypt( 105 const rsa &r, 106 const unsigned char* ciphertext, 107 unsigned int ciphertext_size, 108 unsigned char *plaintext, 109 unsigned int &plaintext_size) 110 { 111 rsa_context rsa; 112 entropy_context entropy; 113 ctr_drbg_context ctr_drbg; 114 115 entropy_init(&entropy); 116 assert(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, nullptr, 0) == 0); 117 118 rsa_init(&rsa, RSA_PKCS_V15, 0); 119 120 assert(mpi_read_binary(&rsa.N, r.rsa_n, BUFFER_SIZE) == 0); 121 assert(mpi_read_binary(&rsa.E, r.rsa_e, BUFFER_SIZE) == 0); 122 assert(mpi_read_binary(&rsa.D, r.rsa_d, BUFFER_SIZE) == 0); 123 assert(mpi_read_binary(&rsa.P, r.rsa_p, BUFFER_SIZE) == 0); 124 assert(mpi_read_binary(&rsa.Q, r.rsa_q, BUFFER_SIZE) == 0); 125 assert(mpi_read_binary(&rsa.DP, r.rsa_dp, BUFFER_SIZE) == 0); 126 assert(mpi_read_binary(&rsa.DQ, r.rsa_dq, BUFFER_SIZE) == 0); 127 assert(mpi_read_binary(&rsa.QP, r.rsa_qp, BUFFER_SIZE) == 0); 128 129 rsa.len = (mpi_msb(&rsa.N) + 7) >> 3; 130 131 assert(rsa_pkcs1_decrypt(&rsa, ctr_drbg_random, &ctr_drbg, RSA_PRIVATE, &plaintext_size, ciphertext, plaintext, plaintext_size) == 0); 132 } 133 134 void test_aes() 135 { 136 // 产生随机的AES key buffer 137 ctr_drbg_context ctr_drbg; 138 entropy_context entropy; 139 unsigned char aes_key_buf[AES_KEY_SIZE] = { 0 }; 140 141 entropy_init(&entropy); 142 assert(ctr_drbg_init(&ctr_drbg, entropy_func, &entropy, nullptr, 0) == 0); 143 ctr_drbg_set_prediction_resistance(&ctr_drbg, CTR_DRBG_PR_OFF); 144 ctr_drbg_random(&ctr_drbg, aes_key_buf, AES_KEY_SIZE); 145 146 // 生成AES 147 aes_context aes_enc, aes_dec; 148 aes_init(&aes_enc); 149 aes_init(&aes_dec); 150 151 assert(aes_setkey_enc(&aes_enc, aes_key_buf, AES_KEY_SIZE) == 0); 152 assert(aes_setkey_dec(&aes_dec, aes_key_buf, AES_KEY_SIZE) == 0); 153 154 // 加密 & 解密. 明文与密文的长度是固定的, 都是16bytes 155 /* 156 const unsigned int DATA_SIZE = 16; 157 unsigned char plaintext[DATA_SIZE] = { 0 }; 158 unsigned char ciphertext[DATA_SIZE] = { 0 }; 159 sprintf((char*)plaintext, "%s", "moyakukudi"); 160 161 assert(aes_crypt_ecb(&aes_enc, AES_ENCRYPT, plaintext, ciphertext) == 0); 162 memset(plaintext, 0, DATA_SIZE); 163 assert(aes_crypt_ecb(&aes_dec, AES_DECRYPT, ciphertext, plaintext) == 0); 164 */ 165 166 // 加密 & 解密. 明文与密文的长度是不固定的, 但必须是16bytes的倍数 167 const unsigned int DATA_SIZE = 1024; 168 unsigned char plaintext[DATA_SIZE] = { 0 }; 169 unsigned char ciphertext[DATA_SIZE] = { 0 }; 170 sprintf((char*)plaintext, "%s", "return 0 if successful, or POLARSSL_ERR_AES_INVALID_INPUT_LENGTH, assert(aes_crypt_ecb(&aes_dec, AES_DECRYPT, ciphertext, plaintext) == 0);"); 171 172 const unsigned int IV_SIZE = 16; 173 unsigned char iv[IV_SIZE] = { 0 }; 174 //unsigned char iv2[IV_SIZE] = { 0 }; 175 //ctr_drbg_random(&ctr_drbg, iv, IV_SIZE); 176 //strcpy((char*)iv2, (const char*)iv); 177 178 assert(aes_crypt_cbc(&aes_enc, AES_ENCRYPT, DATA_SIZE, iv, plaintext, ciphertext) == 0); 179 memset(plaintext, 0, DATA_SIZE); 180 memset(iv, 0, IV_SIZE); 181 assert(aes_crypt_cbc(&aes_dec, AES_DECRYPT, DATA_SIZE, iv, ciphertext, plaintext) == 0); 182 183 puts("over"); 184 } 185 186 int main() 187 { 188 goto AES; 189 190 // RSA 191 RSA: 192 rsa r; 193 generate_rsa(r); 194 195 unsigned char plaintext[] = "moyakukudi"; 196 unsigned char ciphertext[BUFFER_SIZE] = { 0 }; 197 unsigned int ciphertext_len = BUFFER_SIZE; 198 encrypt(r, plaintext, sizeof(plaintext), ciphertext, ciphertext_len); 199 200 unsigned char output[BUFFER_SIZE] = { 0 }; 201 unsigned int output_len = BUFFER_SIZE; 202 decrypt(r, ciphertext, ciphertext_len, output, output_len); 203 204 // AES 205 AES: 206 207 test_aes(); 208 209 system("pause"); 210 return 0; 211 }