常用的openssl函数

base64解编码

依次调用EVP_DecodeInit(), EVP_DecodeUpdate(), EVP_DecodeFinal()，与md5和sha1类似，适用于数据量特别大时，分段解码，通过多次调用EVP_DecodeUpdate()实现。
调用int EVP_EncodeBlock(unsigned char *t, const unsigned char *f, int n);
int EVP_DecodeBlock(unsigned char *t, const unsigned char *f, int n);这两个函数都是一次性使用的，注意下返回值是解码后的结果长度，因此返回值大于等于0时，解编码成功。

bool base64Decode(const string& strSrc, string& strDest)
{
    char* szBuffer = new char[strSrc.length()];
    if (EVP_DecodeBlock((unsigned char*)szBuffer, (const unsigned char*)strSrc.c_str(), strSrc.length()) <= 0)
    {
        return false;
    }
    strDest = szBuffer;
    delete[] szBuffer;
    szBuffer = NULL;
}

AES加解密

AES加解密最关键的函数：

加密

int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);
将密钥初始化成AES_KEY结构，注意第二个参数是bit数，而不是字节数。

void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key, const int enc);

//sKey是经过base64编码过的key，如果key没有经过base64
int AesEncryptEcb(const string &sKey, const string &sSrc, string &sDst)
{
    int nRet;

    //base64解码
    string sAesKey;
    if ((nRet = DecodeBase64(sKey, sAesKey)) != CK_OK)
        return nRet;

    const unsigned int uKeySize = static_cast<unsigned int>(sAesKey.size());
    if (uKeySize != 16 && uKeySize != 24 && uKeySize != 32) //必须是 128/192/256 bits
        return CK_AESKYE_Invalid;

    //初始化key
    AES_KEY key;
    AES_set_encrypt_key(reinterpret_cast<const unsigned char*>(sAesKey.data()),
                        static_cast<int>(8 * uKeySize),
                        &key);

    //追加padding, PKCS7方式
    size_t padding = uKeySize - sSrc.size() % uKeySize;
    string sCopy(sSrc);
    sCopy.append(padding, static_cast<char>(padding));

    //分组加密
    std::vector<unsigned char> sRst(sCopy.size());
    for (size_t i = 0; i < sCopy.size(); i += AES_BLOCK_SIZE)
    {
        AES_ecb_encrypt(reinterpret_cast<const unsigned char *>(sCopy.data() + i), &sRst[i], &key, AES_ENCRYPT);
    }

    sDst.assign(sRst.begin(), sRst.end());
    return CK_OK;
}

//------------------------------------------------------------------------------
int AesDecryptEcb(const string &sKey, const string &sSrc, string &sDst)
{
    int nRet;

    //base64解码
    string sAesKey;
    if ((nRet = DecodeBase64(sKey, sAesKey)) != CK_OK)
        return nRet;

    const unsigned int uKeySize = static_cast<unsigned int>(sAesKey.size());
    if (uKeySize != 16 && uKeySize != 24 && uKeySize != 32) //必须是 128/192/256 bits
        return CK_AESKYE_Invalid;

    //初始化key
    AES_KEY key;
    AES_set_decrypt_key(reinterpret_cast<const unsigned char*>(sAesKey.data()),
                        static_cast<int>(8 * uKeySize),
                        &key);

    //解密
    std::vector<unsigned char> sRst(sSrc.size());
    for (size_t i = 0; i < sSrc.size(); i += AES_BLOCK_SIZE)
    {
        AES_ecb_encrypt(reinterpret_cast<const unsigned char *>(sSrc.data() + i), &sRst[i], &key, AES_DECRYPT);
    }

    //去掉padding
    const size_t pads = sRst[sRst.size() - 1];
    if (pads > 0 && pads <= uKeySize && ((sRst.size() - pads) > 0))
    {
        sDst.assign(sRst.begin(), sRst.end() - pads);
        return CK_OK;
    }

    return CK_AESData_Invalid;
}

常用的openssl函数

常用的openssl函数

base64解编码

AES加解密

加密

猜你喜欢