aes-cbc模式加密在加密和解密是須要一個初始化向量(Initialization Vector, IV),在每次加密以前或者解密以後,使用初始化向量與明文或密文異或。git
加密時,明文首先與IV異或,而後將結果進行塊加密,獲得的輸出就是密文,同時本次的輸出密文做爲下一個塊加密的IV。
github
加密過程代碼: 函數
1 cypher_t* aes_cbc_encrypt(uint8_t* key, cypher_t* data_in) 2 { 3 //pad last block with 0 4 cypher_t* data_in_padding = block_padding(data_in); 5 cypher_t* cypher_out = (cypher_t*)malloc(sizeof(uint8_t) + data_in->len_data); 6 cypher_out->len_data = data_in_padding->len_data; 7 8 uint8_t iv[16] = {0}; 9 memcpy(iv, IV, 16); 10 uint8_t temp_out[16] = {0}; 11 for (uint8_t index = 0; index < data_in_padding->len_data/16 ; ++index){ 12 array_xor(16, temp_out, data_in_padding->data + (index * 16), iv); //明文與iv異或 13 _aes128_encryption(key, cypher_out->data + index * 16, temp_out); //進行塊加密獲得密文,同時密文是下次加密的iv 14 memcpy(iv, cypher_out->data + index * 16, 16); //本次的密文是下次加密的iv 15 } 16 free(data_in_padding); 17 return cypher_out; 18 }
解密時,先將密文的第一個塊進行塊解密,而後將結果與IV異或,就能獲得明文,同時,本次解密的輸入密文做爲下一個塊解密的IV。
測試
解密過程代碼: ui
1 cypher_t* aes_cbc_decrypt(uint8_t* key, cypher_t* data_in) 2 { 3 cypher_t* cypher_padding = block_padding(data_in); 4 cypher_t* plain = (cypher_t*)malloc(data_in->len_data); 5 plain->len_data = cypher_padding->len_data; 6 uint8_t iv[16] = {0}; 7 memcpy(iv, IV, 16); 8 uint8_t temp_out[16] = {0}; 9 for (uint8_t index = 0; index < cypher_padding->len_data/16 ; ++index){ 10 _aes128_decryption(key, temp_out, cypher_padding->data + (index*16)); //密文塊解密 11 array_xor(16, plain->data + (index*16), temp_out, iv); //與iv異或獲得明文 12 memcpy(iv, cypher_padding->data + (index*16), 16); //設置下次解密用到的iv 13 } 14 free(cypher_padding); 15 return plain; 16 }
測試程序:加密
1 int main() 2 { 3 uint8_t key[16] = { 4 0x01, 0x02, 0x03, 0x04, 0x0a, 0x0b, 0x0c, 0x0d, 0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff 5 }; 6 uint8_t iv[16] = { 7 0xa, 0xb, 0xc, 0xd, 0x1, 0x2, 0x3, 0x3, 0xa, 0xa, 0xa, 0xa, 0xf, 0xf, 0xf, 0xf 8 }; 9 uint8_t* text = "hello aes_cbc encryption!"; 10 11 printf("密鑰:"); 12 for (int i = 0; i < 16; ++i){ 13 if (i%4 == 0 && i != 0) 14 printf(" "); 15 if (i % 16 == 0 && i != 0) 16 printf("\n"); 17 printf("%02x ", key[i]); 18 } 19 printf("\n"); 20 printf("明文:%s\n\n", text); 21 22 set_iv(iv); 23 //--------------------------aes cbc encrypt-------------------------------------- 24 cypher_t* plain = (cypher_t*)malloc(sizeof(uint8_t) + strlen(text)); 25 plain->len_data = strlen(text); 26 memcpy(plain->data, text, plain->len_data); 27 cypher_t* cypher = aes_cbc_encrypt(key, plain); 28 puts("密文:"); 29 for (int i = 0; i < cypher->len_data; ++i){ 30 if (i%4 == 0 && i != 0) 31 printf(" "); 32 if (i % 16 == 0 && i != 0) 33 printf("\n"); 34 printf("%02x ", cypher->data[i]); 35 36 } 37 printf("\n\n"); 38 free(plain); 39 //--------------------------aes cbc decrypt-------------------------------------- 40 cypher_t* decrypted_plain = aes_cbc_decrypt(key, cypher); 41 puts("解密以後:"); 42 for (int i = 0; i < decrypted_plain->len_data; ++i){ 43 if (i%4 == 0 && i != 0) 44 printf(" "); 45 if (i % 16 == 0 && i != 0) 46 printf("\n"); 47 printf("%02x ", decrypted_plain->data[i]); 48 } 49 printf("\n\n"); 50 printf("解密以後的明文字符串輸出:\n%s", decrypted_plain); 51 printf("\n\n"); 52 free(decrypted_plain); 53 return 0; 54 }
輸出:spa
密鑰:01 02 03 04 0a 0b 0c 0d 00 00 00 00 ff ff ff ff
明文:hello aes_cbc encryption! code密文:
76 ae bb ed d2 c3 a6 16 00 4a 4b 3b 33 67 96 07
85 7c 70 c5 0b 7e f2 b6 75 ff fc 67 f4 99 c0 8a blog解密以後:
68 65 6c 6c 6f 20 61 65 73 5f 63 62 63 20 65 6e
63 72 79 70 74 69 6f 6e 21 00 00 00 00 00 00 00 ip解密以後的明文字符串輸出:
hello aes_cbc encryption!
完整代碼在 https://github.com/FANCY0047/aes-cbc.git 注:aes加密解密函數來源於互聯網