AES为对称加密
AES四种加密模式的区别:
ECB(Electronic Code Book电子密码本)模式
ECB模式是最早采用和最简单的模式,它将加密的数据分成若干组,每组的大小跟加密密钥长度相同,然后每组都用相同的密钥进行加密。
优点: 1.简单; 2.有利于并行计算; 3.误差不会被扩散;
缺点: 1.不能隐藏明文的模式; 2.可能对明文进行主动攻击; 因此,此模式适于加密小消息。
CBC(Cipher Block Chaining,加密块链)模式
优点: 不容易主动攻击,安全性好于ECB,适合传输长度长的报文,是SSL、IPSec的标准。
缺点: 1.不利于并行计算; 2.误差传递; 3.需要初始化向量IV
CFB(Cipher FeedBack Mode,加密反馈)模式
优点: 1.隐藏了明文模式; 2.分组密码转化为流模式; 3.可以及时加密传送小于分组的数据;
缺点: 1.不利于并行计算; 2.误差传送:一个明文单元损坏影响多个单元; 3.唯一的IV;
OFB(Output FeedBack,输出反馈)模式
优点: 1.隐藏了明文模式; 2.分组密码转化为流模式; 3.可以及时加密传送小于分组的数据;
缺点: 1.不利于并行计算; 2.对明文的主动攻击是可能的; 3.误差传送:一个明文单元损坏影响多个单元;
---------------------
以上内容转自
原文:https://blog.csdn.net/zsy19881226/article/details/46925809
下面为自实现字符串加密与解密,注意,要注意对字符串长度处理,若不为16整数倍,需填充,本文填充为0
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <openssl/aes.h>
#define PRINT_MACRO_HELPER(x) #x
#define PRINT_MACRO(x) #x"="PRINT_MACRO_HELPER(x)
#define AES_BITS 128
#define MSG_LEN 128
int aes_encrypt(char* in,unsigned int len, char* key, char* out)//, int olen)可能会设置buf长度
{
if(!in || !key || !out)
return 0;
unsigned char iv[AES_BLOCK_SIZE];//加密的初始化向量
for(int i=0; i<AES_BLOCK_SIZE; ++i)//iv一般设置为全0,可以设置其他,但是加密解密要一样就行
iv[i]=0;
AES_KEY aes;
if(AES_set_encrypt_key((unsigned char*)key, 128, &aes) < 0)
{
printf("AES_set_encrypt_key is faild\n");
return 0;
}
printf("len is %d\n",len);
if(len%16)
{
len = len - (len%16) +16;
printf("len is %d\n",len);
char *temp = (char *)calloc(len,sizeof(char));
memcpy(temp,in,len);
AES_cbc_encrypt((unsigned char*)temp, (unsigned char*)out, len, &aes, iv, AES_ENCRYPT);
free((void *)temp);
temp = NULL;
}
else
{AES_cbc_encrypt((unsigned char*)in, (unsigned char*)out, len, &aes, iv, AES_ENCRYPT);}
return 1;
}
int aes_decrypt(char* in,unsigned int len, char* key, char* out)
{
unsigned int i = 0 ;
if(!in || !key || !out)
return 0;
unsigned char iv[AES_BLOCK_SIZE];//加密的初始化向量
for(int i=0; i<AES_BLOCK_SIZE; ++i)//iv一般设置为全0,可以设置其他,但是加密解密要一样就行
iv[i]=0;
AES_KEY aes;
if(AES_set_decrypt_key((unsigned char*)key, 128, &aes) < 0)
{
printf("AES_set_decrypt_key is faild\n");
return 0;
}
// int len=strlen(in);
AES_cbc_encrypt((unsigned char*)in, (unsigned char*)out, len, &aes, iv, AES_DECRYPT);
for(i=0;i<len;i++)
printf("%c ",out[i]);
return 1;
}
int main(int argc,char *argv[])
{
unsigned int i = 0;
char sourceStringTemp[MSG_LEN] = {0};
char dstStringTemp[MSG_LEN] = {0};
//strcpy((char*)sourceStringTemp, "12345678912345678912345678912\0bc");
// memcpy((char*)sourceStringTemp, "12345678912345678912345\06\0\0bc",32);
strcpy((char*)sourceStringTemp, argv[1]);
char key[AES_BLOCK_SIZE] = {0};
unsigned int len = strlen(sourceStringTemp);
for(i = 0; i < 16; i++)//可自由设置密钥
{
key[i] = 32 + i;
}
if(!aes_encrypt(sourceStringTemp,len,key,dstStringTemp))
{
printf("encrypt error\n");
return -1;
}
printf("enc %d :",strlen((char*)dstStringTemp));
for(i= 0;i<len;i+=1){
printf("%x ",(unsigned char)dstStringTemp[i]);
}
printf("\n");
memset((char*)sourceStringTemp, 0 ,MSG_LEN);
printf("strlen(dstStringTemp) is %d\n",strlen(dstStringTemp));
if(!aes_decrypt(dstStringTemp,len,key,sourceStringTemp))
{
printf("decrypt error\n");
return -1;
}
printf("\n");
printf("dec %d:",strlen((char*)sourceStringTemp));
for(i=0;i<len;i++)
printf("%c ",sourceStringTemp[i]);
printf("\n");
for(i= 0;sourceStringTemp[i];i+=1)
{
printf("%x ",(unsigned char)sourceStringTemp[i]);
}
printf("\n");
return 0;
}