热门标签
热门文章
- 1好看实用的六个html登录页面_登录页面代码
- 2计算机网络复习题(含答案)_某中小型企业包含4个部门,每个部门不超过60台计算机。该企业申请使用私有ip地址19
- 3Linux驱动开发(蜂鸣器,LED驱动)(pinctil、gpio子系统)_粤嵌蜂鸣器
- 4MYSQL ON DELETE CASCADE ON UPDATE CASCADE 外键的级联删除和级联更新_mysql delete cascade on update cascade
- 5【鸿蒙应用ArkTS开发系列】-自定义底部菜单列表弹窗_鸿蒙列表制作
- 6UnicodeDecodeError: 'utf8' codec can't decode byte 0xa5 in position 0: invalid start byte_unicodedecodeerror: 'utf-8' codec can't decode byt
- 7高防IP的技术实现
- 8数字IC/芯片岗位实习面经-2021暑假实习_数字ic项目经历
- 9javaweb:域对象的属性操作setAttribute(),getAttribute()及其作用范围_object 变量 = 作用域对象.getattribute(属性名变量类型
- 10为什么写flash之前需要先擦除_flash写入前为啥一定要擦除
当前位置: article > 正文
代码示例:OpenSSL AES CBC 加密_openssl aes加密
作者:你好赵伟 | 2024-04-14 15:16:15
赞
踩
openssl aes加密
我的github:codetoys,所有代码都将会位于ctfc库中。已经放入库中我会指出在库中的位置。
这些代码大部分以Linux为目标但部分代码是纯C++的,可以在任何平台上使用。
这是一个基于OpenSSL的AES-CBC加密的例子,其中CBC是自行实现的,原因是OpenSSL的CBC始终有问题,可能是我还没做对吧。这个例程的目的是对配置数据加密,不用于对外交换,所以CBC有没写对我也不能担保——反正这个程序自己加密的自己解密是没问题的。
目录
5.2 加密解密AES_encrypt/AES_decrypt
1 介绍
这个例程是基于CentOS7/8的,64位,OpenSSL大概是1.1,我也在windows上做了测试,代码可能需要修改,CBC的问题同样存在(所以我就放弃解决了,自己写了一个)。
使用OpenSSL需要头文件位置和库,如果头文件安装到标准位置则不需要-I参数,库是 -lssl -lcrypt
2 代码概要
- //需要的OpenSSL的两个头文件
- #include <openssl/aes.h>
- #include <openssl/rand.h>
-
- class CMyOpenSSL
- {
- private:
- //用来输出十六进制数据
- static void show_buf(char const* title, unsigned char const* buf, int len)
- {
- 。。。。。。
- }
- //需要一个从用户密码生成密钥的函数
- //这个函数我没写,有标准算法从密码生成密钥,类似于对密码进行哈希
- public:
- //这就是一般所说的“盐”
- class IV
- {
- private:
- unsigned char iv[AES_BLOCK_SIZE * 5];//其实不需要*5,但我原来就是这么写的,为了调试吧
- public:
- //执行异或
- static void XOR(unsigned char const * iv,unsigned char* data)
- {
- 。。。。。。
- }
- //用随机数设置
- void Create()
- {
- 。。。。。。
- }
- 。。。。。。
- };
- //由于网上的例子也一样无法解密,所以自行实现CBC
- static void my_AES_cbc_encrypt(const unsigned char* in, unsigned char* out, size_t length, const AES_KEY* key, unsigned char* ivec, const int enc)
- {
- 。。。。。。
- }
- //AES加密
- static int aes_encrypt(unsigned char const* userpasswd, int userpasswd_len, vector<unsigned char> const& in_plain, vector<unsigned char>& out_ciphertext, IV& iv)
- {
- 。。。。。。
- }
- //AES解密
- static int aes_decrypt(unsigned char const* userpasswd, int userpasswd_len, vector<unsigned char> const& in_ciphertext, vector<unsigned char>& out_plain, IV& iv)
- {
- 。。。。。。
- }
- //保护数据,用密码加密并做格式转换
- static bool protect_encode(CBuffer const& passwd, CBuffer const& input, CBuffer& output)
- {
- 。。。。。。
- }
- //保护数据,用密码加密并做格式转换
- static bool protect_decode(CBuffer const& passwd, CBuffer const& input, CBuffer& output)
- {
- 。。。。。。
- }
- //下面两个就是网上别人写的程序,一样得不到正确结果
- // a simple hex-print routine. could be modified to print 16 bytes-per-line
- static void hex_print(const void* pv, size_t len)
- {
- 。。。。。。
- }
-
- // main entrypoint
- static int a()
- {
- 。。。。。。
- }
- //测试代码
- static bool aes_test()
- {
- 。。。。。。
- }
- };
主要函数如下:
my_AES_cbc_encrypt 我自己写的AES-CBC加密和解密,调用了openSSL的AES_encrypt和AES_decrypt,想学习AES怎么用看看这个函数就可以了
aes_encrypt AES加密,调用了openSSL的AES_set_encrypt_key和我自己写的my_AES_cbc_encrypt,为了方便把明文长度作为第一个数据块
aes_decrypt AES解密,调用了openSSL的AES_set_decrypt_key和我自己写的my_AES_cbc_encrypt
protect_encode和protect_decode是我自己写的加密配置数据的方法,完全是自定义的
a 是网上找来的测试代码,证明AES-CBC确实有问题,不是我一个人的问题
3 主要代码
下面是主要代码,上面有一些注释是我临时加的,不在完整代码里面,还有一些辅助类后面列出。
- #include <openssl/aes.h>
- #include <openssl/rand.h>
-
- class CMyOpenSSL
- {
- private:
- static unsigned char const ver;
-
- static void show_buf(char const* title, unsigned char const* buf, int len)
- {
- cout << title << " ";
- for (int i = 0; i < len; ++i)
- {
- cout << hex << setw(2) << setfill('0') << (unsigned int)buf[i] << " ";
- }
- cout << endl;
- }
- //需要一个从用户密码生成密钥的函数
- public:
- class IV
- {
- private:
- unsigned char iv[AES_BLOCK_SIZE * 5];
- public:
- IV()
- {
- memset(iv, 0, AES_BLOCK_SIZE * 5);
- }
- //执行异或
- static void XOR(unsigned char const * iv,unsigned char* data)
- {
- //show_buf("IV ", iv, AES_BLOCK_SIZE);
- //show_buf("DATA", data, AES_BLOCK_SIZE);
- for (int i = 0; i < AES_BLOCK_SIZE; ++i)
- {
- data[i] ^= iv[i];
- }
- //show_buf("DATA", data, AES_BLOCK_SIZE);
- }
- int size()const
- {
- return AES_BLOCK_SIZE;
- }
- //用随机数设置
- void Create()
- {
- time_t t = time(NULL);
- srand(t);
- for (int i = 0; i < AES_BLOCK_SIZE; i += sizeof(int))
- {
- int a = rand();
- memcpy(iv + i, &a, sizeof(int));
- }
- }
- void Set(unsigned char const* a)
- {
- memcpy(iv, a, AES_BLOCK_SIZE);
- }
- //注意,会修改内容
- unsigned char* Get()
- {
- //show_buf("", iv, AES_BLOCK_SIZE * 2);
- return iv;
- }
- };
- //由于网上的例子也一样无法解密,所以自行实现CBC
- static void my_AES_cbc_encrypt(const unsigned char* in, unsigned char* out, size_t length, const AES_KEY* key, unsigned char* ivec, const int enc)
- {
- for (int i = 0; i < length; i += AES_BLOCK_SIZE)
- {
- if (AES_ENCRYPT == enc)
- {
- unsigned char tmpin[AES_BLOCK_SIZE];
- memcpy(tmpin, in + i, AES_BLOCK_SIZE);
- IV::XOR(ivec, tmpin);
- AES_encrypt(tmpin, out + i, key);
- memcpy(ivec, out + i, AES_BLOCK_SIZE);
- }
- else
- {
- unsigned char tmpiv[AES_BLOCK_SIZE];
- memcpy(tmpiv, in + i, AES_BLOCK_SIZE);
- AES_decrypt(in + i, out + i, key);
- IV::XOR(ivec, out + i);
- memcpy(ivec, tmpiv, AES_BLOCK_SIZE);
- }
- }
- }
- static int aes_encrypt(unsigned char const* userpasswd, int userpasswd_len, vector<unsigned char> const& in_plain, vector<unsigned char>& out_ciphertext, IV& iv)
- {
- out_ciphertext.clear();
- unsigned char userkey[32];//必须是16/24/32
- memset((void*)userkey, '\0', 32);
- memcpy(userkey, userpasswd, (userpasswd_len > 32 ? 32 : userpasswd_len));
- /*设置加密key及密钥长度*/
- AES_KEY key;
- if (AES_set_encrypt_key(userkey, 32 * 8, &key) < 0)
- {
- return __LINE__;
- }
-
- int len = 0;
- /*循环加密,每次只能加密AES_BLOCK_SIZE长度的数据*/
- out_ciphertext.reserve(in_plain.size() + AES_BLOCK_SIZE);
- while (len < in_plain.size())
- {
- if (0 == len)
- {//第一个块是明文长度
- out_ciphertext.resize(out_ciphertext.size() + AES_BLOCK_SIZE);
- unsigned char tmp[AES_BLOCK_SIZE];
- memset((void*)tmp, '\0', AES_BLOCK_SIZE);
- long tmp_len = in_plain.size();
- memcpy(tmp, &tmp_len, sizeof(long));
- //show_buf("明文长度加密前 ", tmp, AES_BLOCK_SIZE);
- my_AES_cbc_encrypt(tmp, &out_ciphertext[out_ciphertext.size() - AES_BLOCK_SIZE], AES_BLOCK_SIZE, &key, iv.Get(), AES_ENCRYPT);
- //show_buf("明文长度加密后", &out_ciphertext[out_ciphertext.size() - AES_BLOCK_SIZE], AES_BLOCK_SIZE);
- }
- out_ciphertext.resize(out_ciphertext.size() + AES_BLOCK_SIZE);
- if (in_plain.size() - len < AES_BLOCK_SIZE)
- {
- unsigned char tmp[AES_BLOCK_SIZE];
- memset((void*)tmp, '\0', AES_BLOCK_SIZE);
- memcpy(tmp, &in_plain[len], in_plain.size() - len);
- my_AES_cbc_encrypt(tmp, &out_ciphertext[out_ciphertext.size() - AES_BLOCK_SIZE], AES_BLOCK_SIZE, &key, iv.Get(), AES_ENCRYPT);
- }
- else
- {
- my_AES_cbc_encrypt(&in_plain[len], &out_ciphertext[out_ciphertext.size() - AES_BLOCK_SIZE], AES_BLOCK_SIZE, &key, iv.Get(), AES_ENCRYPT);
- }
- len += AES_BLOCK_SIZE;
- }
-
- return 0;
- }
- static int aes_decrypt(unsigned char const* userpasswd, int userpasswd_len, vector<unsigned char> const& in_ciphertext, vector<unsigned char>& out_plain, IV& iv)
- {
- out_plain.clear();
- unsigned char userkey[32];//必须是16/24/32
- memset((void*)userkey, '\0', 32);
- memcpy(userkey, userpasswd, (userpasswd_len > 32 ? 32 : userpasswd_len));
- /*设置解密key及密钥长度*/
- AES_KEY key;
- if (AES_set_decrypt_key(userkey, 32 * 8, &key) < 0)
- {
- return __LINE__;
- }
-
- int len = 0;
- /*循环解密*/
- out_plain.reserve(in_ciphertext.size());
- long out_len = 0;//原始长度,放在第一个加密块
- while (len < in_ciphertext.size())
- {
- if (0 == len)
- {//第一个块是明文长度
- unsigned char tmp[AES_BLOCK_SIZE];
- //show_buf("明文长度解密前", &in_ciphertext[len], AES_BLOCK_SIZE);
- my_AES_cbc_encrypt(&in_ciphertext[len], tmp, AES_BLOCK_SIZE, &key, iv.Get(), AES_DECRYPT);
- //show_buf("明文长度解密后", tmp, AES_BLOCK_SIZE);
- memcpy(&out_len, tmp, sizeof(long));
- //thelog << "明文长度应该是 " << out_len << endi;
- len += AES_BLOCK_SIZE;
- }
- out_plain.resize(out_plain.size() + AES_BLOCK_SIZE);
- my_AES_cbc_encrypt(&in_ciphertext[len], &out_plain[out_plain.size() - AES_BLOCK_SIZE], AES_BLOCK_SIZE, &key, iv.Get(), AES_DECRYPT);
- len += AES_BLOCK_SIZE;
- }
-
- //恢复原始长度
- if (out_plain.size() > out_len)out_plain.resize(out_len);
-
- return 0;
- }
- //保护数据,用密码加密并做格式转换
- static bool protect_encode(CBuffer const& passwd, CBuffer const& input, CBuffer& output)
- {
- output.setSize(0);
- IV iv;
- iv.Create();
-
- CBuffer tmp;
- tmp.AddData(&ver, 1);//第一个字节是版本
- tmp.AddData(iv.Get(), iv.size());//然后是IV,必须在加密之前保存,加密之后会改变
-
- //加密
- vector<unsigned char> in_plain;
- in_plain.resize(input.size());
- memcpy(&in_plain[0], input.data(), input.size());
- vector<unsigned char> out_ciphertext;
- aes_encrypt(passwd.data(), passwd.size(), in_plain, out_ciphertext, iv);
- thelog << out_ciphertext.size() << endi;
-
- //添加加密后数据
- tmp.AddData(&out_ciphertext[0], out_ciphertext.size());
- thelog << tmp.size() << endi;
-
- output.reserve(tmp.size() * 4 / 3 + 4 + 1);//三字节转为4字节,编码函数在最后还会加上一个字符串结束符
- thelog << output.capacity() << " " << output.size() << endi;
- int n = CBase64::Base64Enc(output.lockBuffer(), tmp.data(), tmp.size());
- output.releaseBuffer();
- if (n > output.capacity())thelog << "长度不足" << ende;
- output.setSize(n);
- thelog << output.size() << " [" << output.data() << "]" << endi;
-
- return true;
- }
- //保护数据,用密码加密并做格式转换
- static bool protect_decode(CBuffer const& passwd, CBuffer const& input, CBuffer& output)
- {
- output.setSize(0);
-
- CBuffer tmp;
- //这里导致了奇怪的内存错误,实际并不需要这么长
- tmp.reserve(input.size() + 100);//实际需要的是4转3,解码函数最后会加上一个字符串结束符
- //thelog << input.size() << " " << tmp.capacity() << " " << tmp.size() << endi;
- int n = CBase64::Base64Dec(tmp.lockBuffer(), input.data(), input.size());
- tmp.releaseBuffer();
- if (n<0 || n > tmp.capacity())thelog << "长度不足" << ende;
- tmp.setSize(n);
-
- if (tmp.data()[0] != ver)
- {
- thelog << "加密版本错误" << ende;
- return false;
- }
- else
- {
- //thelog << "加密版本 " << (int)tmp.data()[0]<<" " << (int)ver << ende;
- }
-
- IV iv;
- iv.Set(tmp.data() + 1);
-
- vector<unsigned char> in_plain;
- in_plain.resize(tmp.size() - 1 - iv.size());
- memcpy(&in_plain[0], tmp.data() + 1 + iv.size(), tmp.size() - 1 - iv.size());
- //thelog << tmp.size() << " " << in_plain.size() << endi;
- vector<unsigned char> out_ciphertext;
- aes_decrypt(passwd.data(), passwd.size(), in_plain, out_ciphertext, iv);
-
- output.AddData(&out_ciphertext[0], out_ciphertext.size());
-
- return true;
- }
- // a simple hex-print routine. could be modified to print 16 bytes-per-line
- static void hex_print(const void* pv, size_t len)
- {
- const unsigned char* p = (const unsigned char*)pv;
- if (NULL == pv) {
- printf("NULL");
- }
- else {
- size_t i = 0;
- for (; i < len; ++i) {
- printf("%02X ", *p++);
- }
- }
- printf("\n");
- }
-
- // main entrypoint
- static int a()
- {
- int const keylength = 128;
-
- /* generate a key with a given length */
- unsigned char aes_key[keylength / 8];
- memset(aes_key, 0, keylength / 8);
- if (!RAND_bytes(aes_key, keylength / 8)) {
- exit(-1);
- }
-
- size_t const inputslength = 16;
-
- /* generate input with a given length */
- unsigned char aes_input[inputslength];
- memset(aes_input, 1, inputslength);
-
- /* init vector */
- unsigned char iv_enc[AES_BLOCK_SIZE], iv_dec[AES_BLOCK_SIZE];
- RAND_bytes(iv_enc, AES_BLOCK_SIZE);
- memcpy(iv_dec, iv_enc, AES_BLOCK_SIZE);
-
- // buffers for encryption and decryption
- const size_t encslength = ((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
- unsigned char enc_out[encslength];
- unsigned char dec_out[inputslength];
- memset(enc_out, 0, sizeof(enc_out));
- memset(dec_out, 0, sizeof(dec_out));
-
- // so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256
- AES_KEY enc_key, dec_key;
- AES_set_encrypt_key(aes_key, keylength, &enc_key);
- AES_cbc_encrypt(aes_input, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT);
-
- AES_set_decrypt_key(aes_key, keylength, &dec_key);
- AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT);
-
- printf("original:\t");
- hex_print(aes_input, sizeof(aes_input));
-
- printf("encrypt:\t");
- hex_print(enc_out, sizeof(enc_out));
-
- printf("decrypt:\t");
- hex_print(dec_out, sizeof(dec_out));
-
- return 0;
- }
- static bool aes_test()
- {
- if (true)
- {
- unsigned char userkey[32];//必须是16/24/32
- memset((void*)userkey, '\0', 32);
- memcpy(userkey, "12345", 5);
- AES_KEY key;
- if (AES_set_encrypt_key(userkey, 16 * 8, &key) < 0)
- {
- return __LINE__;
- }
- unsigned char iv[AES_BLOCK_SIZE];
- unsigned char data[AES_BLOCK_SIZE];
- memset(data, 1, AES_BLOCK_SIZE);
- unsigned char data2[AES_BLOCK_SIZE];
- memset(data2, 0, AES_BLOCK_SIZE);
- unsigned char data3[AES_BLOCK_SIZE * 3];
- memset(data3, 0, AES_BLOCK_SIZE * 3);
-
- memset(iv, 0, AES_BLOCK_SIZE);
- show_buf("简单输入 ", data, AES_BLOCK_SIZE);
- show_buf("iv ", iv, AES_BLOCK_SIZE);
- AES_cbc_encrypt(data, data2, AES_BLOCK_SIZE, &key, iv, AES_ENCRYPT);
- show_buf("加密后 ", data2, AES_BLOCK_SIZE);
- show_buf("iv ", iv, AES_BLOCK_SIZE);
-
- if (AES_set_decrypt_key(userkey, 16 * 8, &key) < 0)
- {
- return __LINE__;
- }
- memset(iv, 0, AES_BLOCK_SIZE);
- show_buf("解密前 ", data2, AES_BLOCK_SIZE);
- show_buf("iv ", iv, AES_BLOCK_SIZE);
- AES_cbc_encrypt(data2, data3, AES_BLOCK_SIZE, &key, iv, AES_DECRYPT);
- show_buf("简单输出 ", data3, AES_BLOCK_SIZE * 3);
- show_buf("iv ", iv, AES_BLOCK_SIZE);
-
- a();
- }
- if (true)
- {
- string passwd = "13579";
- vector<unsigned char> plaintext;
- for (int i = 0; i < 65; ++i)
- {
- plaintext.push_back(i);
- }
- vector<unsigned char> out;
- IV iv;
- iv.Create();
- IV iv2;
- iv2.Set(iv.Get());
- //show_buf("初始IV", iv.Get(), iv.size());
- aes_encrypt((unsigned char*)passwd.c_str(), passwd.size(), plaintext, out, iv);
- vector<unsigned char> plaintext2;
- //show_buf("初始IV", iv2.Get(), iv2.size());
- aes_decrypt((unsigned char*)passwd.c_str(), passwd.size(), out, plaintext2, iv2);
-
- thelog << plaintext.size() << " " << out.size() << " " << plaintext2.size() << ENDI;
- printf("plantext2: \n");
- for (int i = 0; i < plaintext2.size(); i++)
- {
- printf("%.2x ", plaintext2[i]);
- if ((i + 1) % 32 == 0)
- {
- printf("\n");
- }
- }
- printf("\n");
- }
-
- if (true)
- {
- try
- {
- char const* plaintext = "1234567890";
- CBuffer pass;
- CBuffer in;
- CBuffer out;
- pass.SetData("123");
- in.SetData(plaintext);
- thelog << in.data() << endi;
- protect_encode(pass, in, out);
- thelog << out.size() << " [" << out.data() << "]" << endi;
- CBuffer out2;
- if (!protect_decode(pass, out, out2))thelog << "解码失败" << ende;
- thelog << out2.data() << endi;
- if (0 == strcmp(plaintext, (char*)out2.data()))
- {
- thelog << "匹配成功" << endi;
- }
- else
- {
- thelog << "匹配失败" << ende;
- }
- //out2.lockBuffer();
- //out2.setSize(10240);
- }
- catch (...)
- {
- thelog << "异常发生" << ende;
- }
- }
-
- return true;
- }
- };
4 辅助代码
thelog可以替换为cout,endi、ende可以替换为endl。
CBuffer就是个包装的缓冲区,代码如下:
- //内部隐含保持一个结束符,不计算在容量和大小之内,确保数据可以被当作字符串使用
- class CBuffer
- {
- private:
- string name;
- unsigned char* p = NULL;
- size_t buffer_size = 0;
- size_t data_size = 0;
- bool bLockBuffer = false;
-
- void _init()
- {
- static int i = 0;
- char buf[64];
- sprintf(buf, "CBuffer%d", i++);
- name = buf;
-
- if (p)throw "p不为空指针";
- p = new unsigned char[1];
- if (!p)throw "内存不足";
- p[0] = '\0';
- buffer_size = 0;
- }
- public:
- CBuffer()
- {
- _init();
- }
- CBuffer(CBuffer const & tmp)
- {
- _init();
- SetData(tmp.data(), tmp.data_size);
- }
- CBuffer & operator=(CBuffer const & tmp)
- {
- _init();
- SetData(tmp.data(), tmp.data_size);
- return *this;
- }
- ~CBuffer()
- {
- //cout << "~CBuffer " << name <<" "<<(long)p<<" "<< buffer_size<<" "<<data_size << endl;
- if (p)delete[]p;
- data_size = 0;
- buffer_size = 0;
- p = NULL;
- }
- size_t capacity()const { return buffer_size; }
- size_t size()const { return data_size; }
- unsigned char const * data()const { return p; }
- unsigned char* lockBuffer()
- {
- bLockBuffer = true;
- return p;
- }
- void releaseBuffer() { bLockBuffer = false; }
- void setSize(long s)
- {
- reserve(s);
- p[s] = '\0';
- data_size = s;
- }
- bool reserve(size_t n)
- {
- if (n > buffer_size)
- {
- if (bLockBuffer)
- {
- cout << "缓冲区已锁定" << endl;
- throw "缓冲区已锁定";
- }
- //cout << name << " "<< "reserve " << (long)p << " " << buffer_size << " " << data_size << endl;
- //cout << name<<"需要扩展 " << buffer_size << " -> " << n << endl;
- unsigned char * p2 = new unsigned char[n + 1];
- if (p2)
- {
- if (p)
- {
- memmove(p2, p, data_size);
- delete[]p;
- }
- buffer_size = n;
- p2[data_size] = '\0';
- p = p2;
- //cout << name<< "扩展成功 " << buffer_size << " -> " << n << endl;
- return true;
- }
- else
- {
- //cout << name<<"扩展失败 " << buffer_size << " -> " << n << endl;
- return false;
- }
- }
- return true;
- }
- bool AddData(void const * data, long len)
- {
- if (!reserve(data_size + len))return false;
- memmove(p + data_size, data, len);
- setSize(data_size + len);
- return true;
- }
- bool SetData(char const * sz)
- {
- setSize(0);
- return AddData((void *)sz, strlen(sz));
- }
- bool SetData(unsigned char const* sz, long len)
- {
- return SetData((char const*)sz,len);
- }
- bool SetData(char const* sz, long len)
- {
- setSize(0);
- return AddData((void *)sz, len);
- }
- bool Compare(CBuffer const & tmp)const
- {
- if (data_size != tmp.data_size)return false;
- if (data_size > 0)return 0 == memcmp(tmp.data(), data(), data_size);
- else return true;
- }
- };
CBase64是Base64编码,代码如下:
- class CBase64
- {
- public:
- static int Base64Enc(unsigned char *buf, unsigned char const *text,int size)
- {
- static unsigned char const * base64_encoding = (unsigned char const*)"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- int buflen = 0;
-
- while(size>0)
- {
- *buf++ = base64_encoding[ (text[0] >> 2 ) & 0x3f];
- if(size>2)
- {
- *buf++ = base64_encoding[((text[0] & 3) << 4) | (text[1] >> 4)];
- *buf++ = base64_encoding[((text[1] & 0xF) << 2) | (text[2] >> 6)];
- *buf++ = base64_encoding[text[2] & 0x3F];
- }
- else
- {
- switch(size)
- {
- case 1:
- *buf++ = base64_encoding[(text[0] & 3L) << 4L ];
- *buf++ = '=';
- *buf++ = '=';
- break;
- case 2:
- *buf++ = base64_encoding[((text[0] & 3) << 4) | (text[1] >> 4)];
- *buf++ = base64_encoding[((text[1] & 0x0F) << 2) | (text[2] >> 6)];
- *buf++ = '=';
- break;
- }
- }
-
- text +=3;
- size -=3;
- buflen +=4;
- }
-
- *buf = 0;
- return buflen;
- }
-
- //base64解码的实现
-
- static unsigned char GetBase64Value(unsigned char ch)
- {
- if ((ch >= 'A') && (ch <= 'Z'))
- return ch - 'A';
- if ((ch >= 'a') && (ch <= 'z'))
- return ch - 'a' + 26;
- if ((ch >= '0') && (ch <= '9'))
- return ch - '0' + 52;
- switch (ch)
- {
- case '+':
- return 62;
- case '/':
- return 63;
- case '=': /* base64 padding */
- return 0;
- default:
- return 0;
- }
- }
-
- //进行base64解码输入应该是4的倍数(根据mime标准)
- //如果不是4倍数返回错误
- //注意 如果是最后一个字符 那么长度不准备 可能会多1
- //返回buf长度
- static int Base64Dec(unsigned char *buf, unsigned char const *text,int size)
- {
- if(size%4)
- return -1;
- unsigned char chunk[4];
- int parsenum=0;
-
- while(size>0)
- {
- chunk[0] = GetBase64Value(text[0]);
- chunk[1] = GetBase64Value(text[1]);
- chunk[2] = GetBase64Value(text[2]);
- chunk[3] = GetBase64Value(text[3]);
-
- *buf++ = (chunk[0] << 2) | (chunk[1] >> 4);
- *buf++ = (chunk[1] << 4) | (chunk[2] >> 2);
- *buf++ = (chunk[2] << 6) | (chunk[3]);
-
- text+=4;
- size-=4;
- parsenum+=3;
- }
-
- buf[parsenum]='\0';
- return parsenum;
- }
- };
5 openSSL的AES用法
5.1 设置KEY
加密解密的密钥存储为AES_KEY,需要通过AES_set_encrypt_key或AES_set_decrypt_key来设置:
- static int aes_encrypt(unsigned char const* userpasswd, int userpasswd_len, vector<unsigned char> const& in_plain, vector<unsigned char>& out_ciphertext, IV& iv)
- {
- out_ciphertext.clear();
- unsigned char userkey[32];//必须是16/24/32
- memset((void*)userkey, '\0', 32);
- memcpy(userkey, userpasswd, (userpasswd_len > 32 ? 32 : userpasswd_len));
- /*设置加密key及密钥长度*/
- AES_KEY key;
- if (AES_set_encrypt_key(userkey, 32 * 8, &key) < 0)
- {
- return __LINE__;
- }
- 。。。。。。
注意加密和解密的函数是不一样的。
5.2 加密解密AES_encrypt/AES_decrypt
这两个函数非常简单,参数只有输入、输出、KEY,简单明了。
(这里是文档结束)
声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/你好赵伟/article/detail/422737
推荐阅读
相关标签
