AES加密和解密——使用openssl编程


AES是一套对称密钥的密码术,目前已广泛使用,用于替代已经不够安全的DES算法。所谓对称密钥,就是说加密和解密用的是同一个密钥,消息的发送方和接收方在消息传递前需要享有这个密钥。和非对称密钥体系不同,这里的密钥是双方保密的,不会让任何第三方知道。

对称密钥加密法主要基于块加密,选取固定长度的密钥,去加密明文中固定长度的块,生成的密文块与明文块长度一样。显然密钥长度十分重要,块的长度也很重要。如果太短,则很容易枚举出所有的明文-密文映射;如果太长,性能则会急剧下降。AES中规定块长度为128 bit,而密钥长度可以选择128, 192或256 bit 。暴力破解密钥需要万亿年,这保证了AES的安全性。

AES的算法较为复杂,在此不细加阐述。下面是使用openssl进行AES加密和解密的示例程序:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<pre class="cpp" courier="" new",="" courier,="" "lucida="" console",="" monaco,="" "dejavu="" sans="" mono",="" "nimbus="" mono="" l",="" "bitstream="" vera="" "microsoft="" yahei";"="" style="margin-top: 0px; margin-bottom: 0px; padding: 0.8em; font-family: 'Courier New', Courier, 'Lucida Console', Monaco, 'DejaVu Sans Mono', 'Nimbus Mono L', 'Bitstream Vera Sans Mono'; overflow: visible; background-color: rgb(255, 255, 255); width: auto; border: 1px solid rgb(221, 221, 221); float: none; clear: none; line-height: 1.333; ">/** aes.cc* - Show the usage of AES encryption/decryption*/ #include <stdio.h>#include <string.h>#include <stdlib.h>#include <openssl/aes.h> int main(int argc, char** argv) { AES_KEY aes; unsigned char key[AES_BLOCK_SIZE]; // AES_BLOCK_SIZE = 16 unsigned char iv[AES_BLOCK_SIZE]; // init vector unsigned char* input_string; unsigned char* encrypt_string; unsigned char* decrypt_string; unsigned int len; // encrypt length (in multiple of AES_BLOCK_SIZE) unsigned int i;  // check usage if (argc != 2) { fprintf(stderr, "%s <plain text>\n", argv[0]); exit(-1); }  // set the encryption length len = 0; if ((strlen(argv[1]) + 1) % AES_BLOCK_SIZE == 0) { len = strlen(argv[1]) + 1; } else { len = ((strlen(argv[1]) + 1) / AES_BLOCK_SIZE + 1) * AES_BLOCK_SIZE; }  // set the input string input_string = (unsigned char*)calloc(len, sizeof(unsigned char)); if (input_string == NULL) { fprintf(stderr, "Unable to allocate memory for input_string\n"); exit(-1); } strncpy((char*)input_string, argv[1], strlen(argv[1]));  // Generate AES 128-bit key for (i=0; i<16; ++i) { key[i] = 32 + i; }  // Set encryption key for (i=0; i<AES_BLOCK_SIZE; ++i) { iv[i] = 0; } if (AES_set_encrypt_key(key, 128, &aes) < 0) { fprintf(stderr, "Unable to set encryption key in AES\n"); exit(-1); }  // alloc encrypt_string encrypt_string = (unsigned char*)calloc(len, sizeof(unsigned char)); if (encrypt_string == NULL) { fprintf(stderr, "Unable to allocate memory for encrypt_string\n"); exit(-1); }  // encrypt (iv will change) AES_cbc_encrypt(input_string, encrypt_string, len, &aes, iv, AES_ENCRYPT);  // alloc decrypt_string decrypt_string = (unsigned char*)calloc(len, sizeof(unsigned char)); if (decrypt_string == NULL) { fprintf(stderr, "Unable to allocate memory for decrypt_string\n"); exit(-1); }  // Set decryption key for (i=0; i<AES_BLOCK_SIZE; ++i) { iv[i] = 0; } if (AES_set_decrypt_key(key, 128, &aes) < 0) { fprintf(stderr, "Unable to set decryption key in AES\n"); exit(-1); }  // decrypt AES_cbc_encrypt(encrypt_string, decrypt_string, len, &aes, iv, AES_DECRYPT);  // print printf("input_string = %s\n", input_string); printf("encrypted string = "); for (i=0; i<len; ++i) { printf("%x%x", (encrypt_string[i] >> 4) & 0xf, encrypt_string[i] & 0xf); } printf("\n"); printf("decrypted string = %s\n", decrypt_string);  return 0;}

编译Makefile:

<pre class="cmake" courier="" new",="" courier,="" "lucida="" console",="" monaco,="" "dejavu="" sans="" mono",="" "nimbus="" mono="" l",="" "bitstream="" vera="" "microsoft="" yahei";"="" style="margin-top: 0px; margin-bottom: 0px; padding: 0.8em; font-family: 'Courier New', Courier, 'Lucida Console', Monaco, 'DejaVu Sans Mono', 'Nimbus Mono L', 'Bitstream Vera Sans Mono'; overflow: visible; font-size: 12px; background-color: rgb(255, 255, 255); width: auto; border: 1px solid rgb(221, 221, 221); float: none; clear: none; line-height: 1.333; ">CC=g++CFLAGS=-Wall -g -O2LIBS=-lcrypto all: aes aes: aes.cc $ (CC ) $ (CFLAGS ) aes.cc -o $@ $ (LIBS ) clean: @rm -f aes



  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值