以下是我基于STM32+PolarSSL加密库调通的基于DES CBC加密形式的例子。好让自己能用来做比对。
1. 使用DES-CBC加密方式,并使用PKCS5Padding方式填充
2. 明文为(字符串): <xml>123232</xml>
3.生成的密文(十六进制数据): 305F62576A76B23D6822B53FC537014058360A0D1696610B
4.密钥为(字符串):rw4fef48
5.初始向量iv为:0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
PKCS5Padding的解释如下:
在PKCS5Padding中,明确定义Block的大小是8位,而在PKCS7Padding定义中,对于块的大小是不确定的,可以在1-255之间(块长度超出255的尚待研究),填充值的算法都是一样的:
value=k - (l mod k) ,K=块大小,l=数据长度,如果l=8, 则需要填充额外的8个byte的8
对方的算法是:
//补齐数据
pading = 8 - (_raw_size % 8);
*_dst_size = _raw_size + pading;
for (i = _raw_size; i < *_dst_size; i++)
{
_raw_ptr[i] = pading;
}
基于PolarSSL的基本测试程序如下:
unsigned char DESKey1[9] = {"rw4fef48"};
unsigned char Pt[] = {'<','x','m','l','>','1','2','3','2','3','2','<','/','x','m','l','>'};
unsigned char Cryt[64] = {0};
unsigned char iv[8] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
des_context ctx;
for(unsigned char i = 0; i < sizeof(Pt); i++)
{
Cryt[i] = Pt[i];
}
unsigned char Index = sizeof(Pt);
unsigned char pading;
pading = 8 - (Index % 8);
for (unsigned char i = 0; i < pading; i++)
{
Cryt[Index+i] = pading;
}
des_setkey_enc( &ctx, (unsigned char *)DESKey1);
des_crypt_cbc( &ctx, DES_ENCRYPT, Index+pading, iv, Cryt, Cryt );
printf("\r\n");
for(unsigned short i = 0; i < Index+pading; i++)
{
printf("%02X ", Cryt[i]);
}
printf("\r\n");
memset(iv, 0, sizeof(iv));
des_setkey_dec( &ctx, (unsigned char *)DESKey1);
des_crypt_cbc(&ctx, DES_DECRYPT, Index+pading, iv, Cryt, Cryt);