Crypto++是个免费的C++加解密类库,由于资格太老、持续更新,最新版本到了CryptoPP 5.6,对天缘而言,第一眼看到CryptoPP就感觉头大,根目录下放置大量单源文件、编译文件、项目文件,再加上多平台和多编译器支持,文件几乎又多了一倍,而且还是都混到一起,直接就让人望而却步。毕竟Crypto是个功能完整,且经过大量用户使用考验的开源库。所以,皱眉学习汇总一下,遂成此文。
本文测试环境:Windows7 SP1+VC6,测试工程名为Test。用VC打开CryptoPP工程文件,会发现有四个子工程:
- cryptdll - 生成cryptopp.dll动态库
- dlltest - 用来测试cryptopp.dll,依赖cryptdll工程
- cryptlib - 生成cryptlib.lib静态库
- cryptest - 用来测试cryptopp,依赖cryptlib工程
所以,我们有两种使用CryptoPP方法,一种是静态链接,还有一种是动态链接,使用对应的工程编译即可,区别就不说了,我们下文以静态链接为例,介绍几种常用加解密算法使用。
一、编译cryptlib
首先需要编译cryptlib,最后得到cryptlib.lib文件。
- 先在测试工程Test下创建目录cryptopp\lib和cryptopp\include,并把Project Settings-C/C++-Processor下Include目录增加“cryptopp\include”。
- 把cryptlib.lib拷贝到Test\cryptopp\lib下。
- 把cryptoPP根目录下所有的*.h文件都拷贝到Test\cryptopp\include下。当然实际上用不了那么多,后续用到哪个include哪个。
下文开始测试使用CryptoPP,实际使用中,如果功能上逻辑上需要修改,可以参考上文测试工程中的示例程序,以及官方文档。下文编译如果报告XX重复定义等错误,请检查LIB库工程和本测试工程的:Project Setting-C/C++-Code Generation User run-time library是否统一。
二、测试cryptlib
1、测试MD5
#define CRYPTOPP_ENABLE_NAMESPACE_WEAK 1 #include "md5.h" using namespace CryptoPP; #pragma comment(lib, "cryptopp\\lib\\cryptlib.lib") using namespace std; void main() { byte message[]="HelloWorld!"; byte mres[16];//MD5 128 bits=16bytes Weak::MD5 md5; md5.Update(message,11);//strlen=11 md5.Final(mres); for(int i=0;i<16;i++) printf("%02X",mres[i]); printf("\n"); }
2、测试AES
//For AES encrypt #include "default.h" #include "cryptlib.h" #include "filters.h" #include "bench.h" #include "osrng.h" #include "hex.h" #include "modes.h" #include "files.h" using namespace CryptoPP; #pragma comment(lib, "cryptopp\\lib\\cryptlib.lib") using namespace std; void main() { unsigned char key[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08, 0x01,0x02, 0x03,0x04,0x05,0x06,0x07,0x08};//AES::DEFAULT_KEYLENGTH unsigned char iv[] = {0x01,0x02,0x03,0x03,0x03,0x03,0x03,0x03, 0x03,0x03, 0x01,0x02,0x03,0x03,0x03,0x03}; int keysize = 16; string message = "Hello World!"; string strEncTxt; string strDecTxt; //CBC - PADDING //AES-CBC Encrypt(ONE_AND_ZEROS_PADDING) CBC_Mode<AES>::Encryption Encryptor1(key,keysize,iv); StringSource( message, true, new StreamTransformationFilter( Encryptor1, new StringSink( strEncTxt ), BlockPaddingSchemeDef::BlockPaddingScheme::ONE_AND_ZEROS_PADDING, true) ); //AES-CBC Decrypt CBC_Mode<AES>::Decryption Decryptor1(key,keysize,iv); StringSource( strEncTxt, true, new StreamTransformationFilter( Decryptor1, new StringSink( strDecTxt ), BlockPaddingSchemeDef::BlockPaddingScheme::ONE_AND_ZEROS_PADDING, true) ); //CTR - NO_PADDING //AES-CTR Encrypt CTR_Mode<AES>::Encryption Encryptor2(key,keysize,iv); StringSource( message, true, new StreamTransformationFilter( Encryptor2, new StringSink( strEncTxt ), BlockPaddingSchemeDef::BlockPaddingScheme::NO_PADDING, true) ); //AES-CTR Decrypt CTR_Mode<AES>::Decryption Decryptor2(key,keysize,iv); StringSource( strEncTxt, true, new StreamTransformationFilter( Decryptor2, new StringSink( strDecTxt ), BlockPaddingSchemeDef::BlockPaddingScheme::NO_PADDING, true) ); }
上文是使用StringSource方式加密字符串,还可以使用FileSource方式直接对文件进行加解密操作。示例如下:
SecByteBlock HexDecodeString(const char *hex) { StringSource ss(hex, true, new HexDecoder); SecByteBlock result((size_t)ss.MaxRetrievable()); ss.Get(result, result.size()); return result; } void AES_CTR_Encrypt(const char *hexKey, const char *hexIV, const char *infile, const char *outfile) { SecByteBlock key = HexDecodeString(hexKey); SecByteBlock iv = HexDecodeString(hexIV); CTR_Mode<AES>::Encryption aes(key, key.size(), iv); FileSource(infile, true, new StreamTransformationFilter(aes, new FileSink(outfile))); }
直接调用AES_CTR_Encrypt函数即可,CBC函数需对应修改。
四、使用提示
1、StringSource类定义filters.h
//! zero terminated string as source StringSource(const char *string, bool pumpAll, BufferedTransformation *attachment = NULL) : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));} //! binary byte array as source StringSource(const byte *string, size_t length, bool pumpAll, BufferedTransformation *attachment = NULL) : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string, length)));} //! std::string as source StringSource(const std::string &string, bool pumpAll, BufferedTransformation *attachment = NULL) : SourceTemplate<StringStore>(attachment) {SourceInitialize(pumpAll, MakeParameters("InputBuffer", ConstByteArrayParameter(string)));}
2、RSA有关的加解密、签名函数
更多请参考工程cryptest工程下test.cpp文件内函数
void GenerateRSAKey(unsigned int keyLength, const char *privFilename, const char *pubFilename, const char *seed); string RSAEncryptString(const char *pubFilename, const char *seed, const char *message); string RSADecryptString(const char *privFilename, const char *ciphertext); void RSASignFile(const char *privFilename, const char *messageFilename, const char *signatureFilename); bool RSAVerifyFile(const char *pubFilename, const char *messageFilename, const char *signatureFilename);