AES加密算法(C++ 實現,附源碼)
先搞定AES算法,基本變換包括SubBytes(字節替代)、ShiftRows(行移位)、MixColumns(列混淆)、AddRoundKey(輪密鑰加)c++
其算法通常描述爲算法
明文及密鑰的組織排列方式數組
ByteSubstitution(字節替代)函數
非線性的字節替代,單獨處理每一個字節:加密
求該字節在有限域GF(28)上的乘法逆,"0"被映射爲自身,即對於α∈GF(28),求β∈GF(28),spa
使得α·β=β·α=1mod(x8+x4+x2+x+1)。3d
對上一步求得的乘法逆做仿射變換指針
yi=xi + x(i+4)mod8 + x(i+6)mod8 + x(i+7)mod8 + cicode
(其中ci是6310即011000112的第i位),用矩陣表示爲orm
原本打算把求乘法逆和仿射變換算法敲上去,最後仍是放棄了...直接打置換表
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
unsigned
char
sBox[] =
{
/* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
0x63,0x7c,0x77,0x7b,0xf2,0x6b,0x6f,0xc5,0x30,0x01,0x67,0x2b,0xfe,0xd7,0xab,0x76,
/*0*/
0xca,0x82,0xc9,0x7d,0xfa,0x59,0x47,0xf0,0xad,0xd4,0xa2,0xaf,0x9c,0xa4,0x72,0xc0,
/*1*/
0xb7,0xfd,0x93,0x26,0x36,0x3f,0xf7,0xcc,0x34,0xa5,0xe5,0xf1,0x71,0xd8,0x31,0x15,
/*2*/
0x04,0xc7,0x23,0xc3,0x18,0x96,0x05,0x9a,0x07,0x12,0x80,0xe2,0xeb,0x27,0xb2,0x75,
/*3*/
0x09,0x83,0x2c,0x1a,0x1b,0x6e,0x5a,0xa0,0x52,0x3b,0xd6,0xb3,0x29,0xe3,0x2f,0x84,
/*4*/
0x53,0xd1,0x00,0xed,0x20,0xfc,0xb1,0x5b,0x6a,0xcb,0xbe,0x39,0x4a,0x4c,0x58,0xcf,
/*5*/
0xd0,0xef,0xaa,0xfb,0x43,0x4d,0x33,0x85,0x45,0xf9,0x02,0x7f,0x50,0x3c,0x9f,0xa8,
/*6*/
0x51,0xa3,0x40,0x8f,0x92,0x9d,0x38,0xf5,0xbc,0xb6,0xda,0x21,0x10,0xff,0xf3,0xd2,
/*7*/
0xcd,0x0c,0x13,0xec,0x5f,0x97,0x44,0x17,0xc4,0xa7,0x7e,0x3d,0x64,0x5d,0x19,0x73,
/*8*/
0x60,0x81,0x4f,0xdc,0x22,0x2a,0x90,0x88,0x46,0xee,0xb8,0x14,0xde,0x5e,0x0b,0xdb,
/*9*/
0xe0,0x32,0x3a,0x0a,0x49,0x06,0x24,0x5c,0xc2,0xd3,0xac,0x62,0x91,0x95,0xe4,0x79,
/*a*/
0xe7,0xc8,0x37,0x6d,0x8d,0xd5,0x4e,0xa9,0x6c,0x56,0xf4,0xea,0x65,0x7a,0xae,0x08,
/*b*/
0xba,0x78,0x25,0x2e,0x1c,0xa6,0xb4,0xc6,0xe8,0xdd,0x74,0x1f,0x4b,0xbd,0x8b,0x8a,
/*c*/
0x70,0x3e,0xb5,0x66,0x48,0x03,0xf6,0x0e,0x61,0x35,0x57,0xb9,0x86,0xc1,0x1d,0x9e,
/*d*/
0xe1,0xf8,0x98,0x11,0x69,0xd9,0x8e,0x94,0x9b,0x1e,0x87,0xe9,0xce,0x55,0x28,0xdf,
/*e*/
0x8c,0xa1,0x89,0x0d,0xbf,0xe6,0x42,0x68,0x41,0x99,0x2d,0x0f,0xb0,0x54,0xbb,0x16
/*f*/
};
|
下面是逆置換表,解密時使用
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
unsigned
char
invsBox[256] =
{
/* 0 1 2 3 4 5 6 7 8 9 a b c d e f */
0x52,0x09,0x6a,0xd5,0x30,0x36,0xa5,0x38,0xbf,0x40,0xa3,0x9e,0x81,0xf3,0xd7,0xfb,
/*0*/
0x7c,0xe3,0x39,0x82,0x9b,0x2f,0xff,0x87,0x34,0x8e,0x43,0x44,0xc4,0xde,0xe9,0xcb,
/*1*/
0x54,0x7b,0x94,0x32,0xa6,0xc2,0x23,0x3d,0xee,0x4c,0x95,0x0b,0x42,0xfa,0xc3,0x4e,
/*2*/
0x08,0x2e,0xa1,0x66,0x28,0xd9,0x24,0xb2,0x76,0x5b,0xa2,0x49,0x6d,0x8b,0xd1,0x25,
/*3*/
0x72,0xf8,0xf6,0x64,0x86,0x68,0x98,0x16,0xd4,0xa4,0x5c,0xcc,0x5d,0x65,0xb6,0x92,
/*4*/
0x6c,0x70,0x48,0x50,0xfd,0xed,0xb9,0xda,0x5e,0x15,0x46,0x57,0xa7,0x8d,0x9d,0x84,
/*5*/
0x90,0xd8,0xab,0x00,0x8c,0xbc,0xd3,0x0a,0xf7,0xe4,0x58,0x05,0xb8,0xb3,0x45,0x06,
/*6*/
0xd0,0x2c,0x1e,0x8f,0xca,0x3f,0x0f,0x02,0xc1,0xaf,0xbd,0x03,0x01,0x13,0x8a,0x6b,
/*7*/
0x3a,0x91,0x11,0x41,0x4f,0x67,0xdc,0xea,0x97,0xf2,0xcf,0xce,0xf0,0xb4,0xe6,0x73,
/*8*/
0x96,0xac,0x74,0x22,0xe7,0xad,0x35,0x85,0xe2,0xf9,0x37,0xe8,0x1c,0x75,0xdf,0x6e,
/*9*/
0x47,0xf1,0x1a,0x71,0x1d,0x29,0xc5,0x89,0x6f,0xb7,0x62,0x0e,0xaa,0x18,0xbe,0x1b,
/*a*/
0xfc,0x56,0x3e,0x4b,0xc6,0xd2,0x79,0x20,0x9a,0xdb,0xc0,0xfe,0x78,0xcd,0x5a,0xf4,
/*b*/
0x1f,0xdd,0xa8,0x33,0x88,0x07,0xc7,0x31,0xb1,0x12,0x10,0x59,0x27,0x80,0xec,0x5f,
/*c*/
0x60,0x51,0x7f,0xa9,0x19,0xb5,0x4a,0x0d,0x2d,0xe5,0x7a,0x9f,0x93,0xc9,0x9c,0xef,
/*d*/
0xa0,0xe0,0x3b,0x4d,0xae,0x2a,0xf5,0xb0,0xc8,0xeb,0xbb,0x3c,0x83,0x53,0x99,0x61,
/*e*/
0x17,0x2b,0x04,0x7e,0xba,0x77,0xd6,0x26,0xe1,0x69,0x14,0x63,0x55,0x21,0x0c,0x7d
/*f*/
};
|
這裏遇到問題了,原本用純c初始化數組很正常,封裝成類之後發現不能初始化,無論是聲明、構造函數都沒法初始化,百歌谷度了一通後沒有任何答案,無奈只能在構造函數中聲明一個局部變量數組並初始化,而後用memcpy,(成員變量名爲Sbox/InvSbox,局部變量名sBox/invsBox)
|
1
2
3
4
5
6
7
8
9
10
11
|
void
AES::SubBytes(unsigned
char
state[][4])
{
int
r,c;
for
(r=0; r<4; r++)
{
for
(c=0; c<4; c++)
{
state[r][c] = Sbox[state[r][c]];
}
}
}
|
ShiftRows(行移位變換)
行移位變換完成基於行的循環位移操做,變換方法:
即行移位變換做用於行上,第0行不變,第1行循環左移1個字節,第2行循環左移2個字節,第3行循環左移3個字節。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
void
AES::ShiftRows(unsigned
char
state[][4])
{
unsigned
char
t[4];
int
r,c;
for
(r=1; r<4; r++)
{
for
(c=0; c<4; c++)
{
t[c] = state[r][(c+r)%4];
}
for
(c=0; c<4; c++)
{
state[r][c] = t[c];
}
}
}
|
MixColumns(列混淆變換)
逐列混合,方法:
b(x) = (03·x3 + 01·x2 + 01·x + 02) · a(x) mod(x4 + 1)
矩陣表示形式:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
|
void
AES::MixColumns(unsigned
char
state[][4])
{
unsigned
char
t[4];
int
r,c;
for
(c=0; c< 4; c++)
{
for
(r=0; r<4; r++)
{
t[r] = state[r][c];
}
for
(r=0; r<4; r++)
{
state[r][c] = FFmul(0x02, t[r])
^ FFmul(0x03, t[(r+1)%4])
^ FFmul(0x01, t[(r+2)%4])
^ FFmul(0x01, t[(r+3)%4]);
}
}
}
unsigned
char
AES::FFmul(unsigned
char
a, unsigned
char
b)
{
unsigned
char
bw[4];
unsigned
char
res=0;
int
i;
bw[0] = b;
for
(i=1; i<4; i++)
{
bw[i] = bw[i-1]<<1;
if
(bw[i-1]&0x80)
{
bw[i]^=0x1b;
}
}
for
(i=0; i<4; i++)
{
if
((a>>i)&0x01)
{
res ^= bw[i];
}
}
return
res;
}
|
其中FFmul爲有限域GF(28)上的乘法,標準算法應該是循環8次(b與a的每一位相乘,結果相加),但這裏只用到最低2位,解密時用到的逆列混淆也只用了低4位,因此在這裏高4位的運算是多餘的,只計算低4位。
AddRoundKey(輪密鑰加變換)
簡單來講就是逐字節相加,有限域GF(28)上的加法是模2加法,即異或
|
1
2
3
4
5
6
7
8
9
10
11
|
void
AES::AddRoundKey(unsigned
char
state[][4], unsigned
char
k[][4])
{
int
r,c;
for
(c=0; c<4; c++)
{
for
(r=0; r<4; r++)
{
state[r][c] ^= k[r][c];
}
}
}
|
KeyExpansion(密鑰擴展)
將輸入的密鑰擴展爲11組128位密鑰組,其中第0組爲輸入密鑰自己
其後第n組第i列 爲 第n-1組第i列 與 第n組第i-1列之和(模2加法,1<= i <=3)
對於每一組 第一列即i=0,有特殊的處理
將前一列即第n-1組第3列的4個字節循環左移1個字節,
並對每一個字節進行字節替代變換SubBytes
將第一行(即第一個字節)與輪常量rc[n]相加
最後再與前一組該列相加
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
|
void
AES::KeyExpansion(unsigned
char
* key, unsigned
char
w[][4][4])
{
int
i,j,r,c;
unsigned
char
rc[] = {0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36};
for
(r=0; r<4; r++)
{
for
(c=0; c<4; c++)
{
w[0][r][c] = key[r+c*4];
}
}
for
(i=1; i<=10; i++)
{
for
(j=0; j<4; j++)
{
unsigned
char
t[4];
for
(r=0; r<4; r++)
{
t[r] = j ? w[i][r][j-1] : w[i-1][r][3];
}
if
(j == 0)
{
unsigned
char
temp = t[0];
for
(r=0; r<3; r++)
{
t[r] = Sbox[t[(r+1)%4]];
}
t[3] = Sbox[temp];
t[0] ^= rc[i-1];
}
for
(r=0; r<4; r++)
{
w[i][r][j] = w[i-1][r][j] ^ t[r];
}
}
}
}
|
解密的基本運算
AES解密算法與加密不一樣,基本運算中除了AddRoundKey(輪密鑰加)不變外,其他的都須要進行逆變換,即
InvSubBytes(逆字節替代)、InvShiftRows(逆行移位)、InvMixColumns(逆列混淆)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
void
AES::InvSubBytes(unsigned
char
state[][4])
{
int
r,c;
for
(r=0; r<4; r++)
{
for
(c=0; c<4; c++)
{
state[r][c] = InvSbox[state[r][c]];
}
}
}
void
AES::InvShiftRows(unsigned
char
state[][4])
{
unsigned
char
t[4];
int
r,c;
for
(r=1; r<4; r++)
{
for
(c=0; c<4; c++)
{
t[c] = state[r][(c-r+4)%4];
}
for
(c=0; c<4; c++)
{
state[r][c] = t[c];
}
}
}
void
AES::InvMixColumns(unsigned
char
state[][4])
{
unsigned
char
t[4];
int
r,c;
for
(c=0; c< 4; c++)
{
for
(r=0; r<4; r++)
{
t[r] = state[r][c];
}
for
(r=0; r<4; r++)
{
state[r][c] = FFmul(0x0e, t[r])
^ FFmul(0x0b, t[(r+1)%4])
^ FFmul(0x0d, t[(r+2)%4])
^ FFmul(0x09, t[(r+3)%4]);
}
}
}
|
加密過程
先將輸入的明文按列序組合成4*4的矩陣,直接與第0組密鑰(即輸入的密鑰)相加(異或),做爲輪加密的輸入
而後循環10次進行SubBytes、ShiftRows、MixColumns、AddRoundKey運算,最後恢復原序列
須要注意的是最後一輪並不進行MixColumns(列混淆變換)
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
unsigned
char
* AES::Cipher(unsigned
char
* input)
{
unsigned
char
state[4][4];
int
i,r,c;
for
(r=0; r<4; r++)
{
for
(c=0; c<4 ;c++)
{
state[r][c] = input[c*4+r];
}
}
AddRoundKey(state,w[0]);
for
(i=1; i<=10; i++)
{
SubBytes(state);
ShiftRows(state);
if
(i!=10)MixColumns(state);
AddRoundKey(state,w[i]);
}
for
(r=0; r<4; r++)
{
for
(c=0; c<4 ;c++)
{
input[c*4+r] = state[r][c];
}
}
return
input;
}
|
解密過程
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
unsigned
char
* AES::InvCipher(unsigned
char
* input)
{
unsigned
char
state[4][4];
int
i,r,c;
for
(r=0; r<4; r++)
{
for
(c=0; c<4 ;c++)
{
state[r][c] = input[c*4+r];
}
}
AddRoundKey(state, w[10]);
for
(i=9; i>=0; i--)
{
InvShiftRows(state);
InvSubBytes(state);
AddRoundKey(state, w[i]);
if
(i)InvMixColumns(state);
}
for
(r=0; r<4; r++)
{
for
(c=0; c<4 ;c++)
{
input[c*4+r] = state[r][c];
}
}
return
input;
}
|
對外部數據的加密/解密
至此已經實現了AES加密與解密的原型,在使用的時候通常處理的是字符串等,而不是直接傳入128位的數據,因此要封裝一下對外部數據的加解密處理
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
void
* AES::Cipher(
void
* input,
int
length)
{
unsigned
char
* in = (unsigned
char
*) input;
int
i;
if
(!length)
{
while
(*(in+length++));
in = (unsigned
char
*) input;
}
for
(i=0; i<length; i+=16)
{
Cipher(in+i);
}
return
input;
}
void
* AES::InvCipher(
void
* input,
int
length)
{
unsigned
char
* in = (unsigned
char
*) input;
int
i;
for
(i=0; i<length; i+=16)
{
InvCipher(in+i);
}
return
input;
}
|
加密時默認參數length=0,爲要加密的數據長度,若是使用默認值,則做爲字符串處理,以'\0'爲結尾計算長度
加密時傳進的指針要預留夠16整數倍字節的空間,由於加密操做直接修改原數據,不足128位可能形成內存溢出
最後附上源代碼 Source_AES_Cipher
相關文章
- 1. AES加密算法(C++實現,附源碼)
- 2. javascript AES加密 C#AES解密實現
- 3. AES加密算法C代碼分析
- 4. aes加密c++實現
- 5. AES加密算法
- 6. AES 加密算法
- 7. 【加密算法】AES
- 8. Android AES加密算法及其實現
- 9. AES加密算法的JAVA實現
- 10. C# 實現AES加密解密
- 更多相關文章...
- • Java操作Neo4j數據庫(附帶源碼) - NoSQL教程
- • SQLite 附加數據庫 - SQLite教程
- • Java Agent入門實戰(二)-Instrumentation源碼概述
- • C# 中 foreach 遍歷的用法
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. AES加密算法(C++實現,附源碼)
- 2. javascript AES加密 C#AES解密實現
- 3. AES加密算法C代碼分析
- 4. aes加密c++實現
- 5. AES加密算法
- 6. AES 加密算法
- 7. 【加密算法】AES
- 8. Android AES加密算法及其實現
- 9. AES加密算法的JAVA實現
- 10. C# 實現AES加密解密