对称密码就是加密和解密使用同一个key
对称密码算法有很多,但是现在只有AES (Advanced Encryption Standard) 是最常用的,其它像 DES, 3DES 等都已淘汰
AES是一种块密码算法,块密码算法只能对固定长度的数据进行加密,例如:AES的块长度是128位,即16字节。AES算法将一个明文块加密生成一个密文块,密文快的长度跟明文块相等,都为16字节。
如果要加密的数据比16字节长,就要进行分块加密,然后将密文块组合成完整的密文。
分块加密并组合有多种方法,称为mode。主要模式有ecb, cbc, cfb, ofb, ctr 等,但是最常用的只有两种:即 cbc 和 ctr,其它都已淘汰
为方便使用,下面对苹果平台提供的对称密码库做个封装
头文件:Aes.h
#ifndef Aes_h
#define Aes_h
#include
#include
class Aes final {
public:
enum struct Mode {
Cbc,
Ctr,
};
enum struct Operation {
Encrypt,
Decrypt,
};
enum {
KeySize128 = 16,
KeySize192 = 24,
KeySize256 = 32,
};
public:
typedef std::vector Data;
public:
static Data encrypt_cbc_128(const Data &data, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16]);
static Data decrypt_cbc_128(const Data &data, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16]);
public:
~Aes();
Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16]);
Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize192], const uint8_t (&iv)[16]);
Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize256], const uint8_t (&iv)[16]);
Aes(Aes &&aes) noexcept;
Aes &operator=(Aes &&aes) noexcept;
Data update(const Data &data);
Data final();
void reset();
private:
struct AesImpl *_impl = nullptr;
};
#endif /* Aes_h */
实现文件:Aes.cpp
#include "Aes.h"
#include
#include
struct AesImpl final {
public:
~AesImpl()
{
CCCryptorRelease(_cryptor);
}
AesImpl(Aes::Operation op, Aes::Mode mode, const void *key, size_t keyLength, const void *iv)
{
CCCryptorCreateWithMode(_operation(op), _mode(mode), kCCAlgorithmAES, ccPKCS7Padding, iv, key, keyLength, nullptr, 0, 0, 0, &_cryptor);
}
Aes::Data update(const Aes::Data &data)
{
size_t len = CCCryptorGetOutputLength(_cryptor, data.size(), false);
Aes::Data buf(len);
size_t size = 0;
CCCryptorUpdate(_cryptor, data.data(), data.size(), buf.data(), buf.size(), &size);
return buf;
}
Aes::Data final()
{
Aes::Data buf(kCCBlockSizeAES128);
size_t size = 0;
CCCryptorFinal(_cryptor, buf.data(), buf.size(), &size);
buf.resize(size);
return buf;
}
void reset()
{
CCCryptorReset(_cryptor, nullptr);
}
private:
constexpr CCOperation _operation(Aes::Operation op) const
{
switch (op) {
case Aes::Operation::Encrypt:
return kCCEncrypt;
case Aes::Operation::Decrypt:
return kCCDecrypt;
}
}
constexpr CCMode _mode(Aes::Mode mode) const
{
switch (mode) {
case Aes::Mode::Cbc:
return kCCModeCBC;
case Aes::Mode::Ctr:
return kCCModeCTR;
}
}
private:
CCCryptorRef _cryptor = nullptr;
};
#pragma mark -
Aes::~Aes()
{
delete _impl;
}
Aes::Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16])
: _impl(new AesImpl(op, mode, key, KeySize128, iv))
{
}
Aes::Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize192], const uint8_t (&iv)[16])
: _impl(new AesImpl(op, mode, key, KeySize192, iv))
{
}
Aes::Aes(Operation op, Mode mode, const uint8_t (&key)[KeySize256], const uint8_t (&iv)[16])
: _impl(new AesImpl(op, mode, key, KeySize256, iv))
{
}
Aes::Aes(Aes &&aes) noexcept : _impl(aes._impl)
{
aes._impl = nullptr;
}
Aes &Aes::operator=(Aes &&aes) noexcept
{
assert(&aes != this);
delete _impl;
_impl = aes._impl;
aes._impl = nullptr;
return *this;
}
Aes::Data Aes::update(const Data &data)
{
return _impl->update(data);
}
Aes::Data Aes::final()
{
return _impl->final();
}
void Aes::reset()
{
return _impl->reset();
}
Aes::Data Aes::encrypt_cbc_128(const Data &data, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16])
{
Data buf;
Aes aes(Operation::Encrypt, Mode::Cbc, key, iv);
auto u = aes.update(data);;
buf.insert(buf.end(), u.cbegin(), u.cend());
auto f = aes.final();
buf.insert(buf.end(), f.cbegin(), f.cend());
return buf;
}
Aes::Data Aes::decrypt_cbc_128(const Data &data, const uint8_t (&key)[KeySize128], const uint8_t (&iv)[16])
{
Data buf;
Aes aes(Operation::Decrypt, Mode::Cbc, key, iv);
auto u = aes.update(data);;
buf.insert(buf.end(), u.cbegin(), u.cend());
auto f = aes.final();
buf.insert(buf.end(), f.cbegin(), f.cend());
return buf;
}
示例:main.cpp
#include
#include
#include
#include
#include
#include
#include
#include "Aes.h"
std::string format(const char *fmt, ...)
{
va_list ap;
va_start(ap, fmt);
int size = vsnprintf(nullptr, 0, fmt, ap) + 1;
va_end(ap);
char *buf = new char[size];
va_start(ap, fmt);
vsnprintf(buf, size, fmt, ap);
va_end(ap);
std::string fs(buf, size-1);
delete[] buf;
return fs;
}
std::string toHexString(const Aes::Data &data)
{
std::vector<std::string> svec;
std::transform(data.cbegin(), data.cend(), std::back_inserter(svec), [](auto byte) { return format("%02X", byte); });
return std::accumulate(svec.cbegin(), svec.cend(), std::string());
}
int main()
{
const uint8_t key[16] = { 0xa5, 0xc0, 0xda, 0xb7, 0x87, 0x45, 0xc7, 0x37, 0x95, 0x07, 0x2C, 0x96, 0x67, 0xae, 0x28, 0xf1 };
const uint8_t iv[16] = { 0xdb, 0x32, 0x9a, 0x66, 0x09, 0x8b, 0x67, 0xf7, 0xb5, 0xa7, 0x9f, 0x38, 0x57, 0xb9, 0x25, 0x41 };
std::string msg = "hello, world";
Aes::Data data(msg.cbegin(), msg.cend());
auto enc = Aes::encrypt_cbc_128(data, key, iv);
std::cout << toHexString(enc) << std::endl;
auto dec = Aes::decrypt_cbc_128(enc, key, iv);
std::cout << std::string(dec.cbegin(), dec.cend()) << std::endl;
}
运行输出:
$ ./a.out
BC0B8E8AF2458A300E08A350B48EE793
hello, world