/*
* AES-256-ECB PKCS7 加密 函数
* input:经过PKCS7填充后的明文数据
* outhex:加密后的命名数据16进制数,可以使用base64_encode转换为base64格式字符串密文
* key:密钥
* len:经过PKCS7填充后的明文数据长度
*/
void AesEcb256Pkcs7Encrypt(u8 *input, u8 *outhex, u8 *key, int len)
{
/* key:171ce897ad494cb289b023cd3c0ceab4
* input:{terminalNumber}
* aesHexStr:6241579fb24b00f9d1d238ed191e700877b27ba4e7f6184253eb40c20f67390f
* base64str:YkFXn7JLAPnR0jjtGR5wCHeye6Tn9hhCU+tAwg9nOQ8=
*
* input:{"terminalNumber":"28b7f2eb-b549-3200-9950-2c6a83cd8af2"}
* aesHexStr:3B2EFE3D4BF2E586F06D9AC26B2F35CE67B2B228C5DE89980DE8CE3570EBBEE62EB54526A24542885D8902E860D54D056C6545D183B0A0134A48449C3D9F7B19
* base64str:Oy7+PUvy5YbwbZrCay81zmeysijF3omYDejONXDrvuYutUUmokVCiF2JAuhg1U0FbGVF0YOwoBNKSEScPZ97GQ==
*/
TRACE("input:%s, key:%s, %d\n", (char*)input, (char*)key, len);
AES_KEY aesKey;
AES_set_encrypt_key(key, 256, &aesKey);
for (size_t i = 0; i < len; i += AES_BLOCK_SIZE)
{
AES_encrypt(input + i, outhex + i, &aesKey);
TRACE("i:%d\n\n", i);
}
/* 将加密后的数据转换成十六进制字符串 */
std::string aesHexStr;
for (size_t i = 0; i < len; ++i)
{
char hex[3];
sprintf(hex, "%02X", outhex[i]);
aesHexStr += hex;
}
/* 将hex转为base64 */
char base64str[2*len] = {0};
base64_encode(outhex, base64str, len);
TRACE("buf[%s], len:%d, hexAes[%s], len:%d\n", base64str, strlen(base64str), aesHexStr.data(), aesHexStr.length());
}
/*
* AES-256-ECB PKCS7 解密 函数
*/
void AesEcb256Pkcs7Decrypt(unsigned char* input, unsigned char* output, unsigned char* key, int len)
{
AES_KEY aesKey;
AES_set_decrypt_key(key, 256, &aesKey);
for (size_t i = 0; i < len; i += AES_BLOCK_SIZE)
{
AES_decrypt(input + i, output + i, &aesKey);
TRACE("i:%d\n\n", i);
}
/* 将加密后的数据转换成十六进制字符串 */
std::string aesHexStr;
for (size_t i = 0; i < len; ++i)
{
char hex[3];
sprintf(hex, "%02X", output[i]);
aesHexStr += hex;
TRACE("output[%d]:%s [%d]\n", i, hex, output[i]);
}
}
// PKCS7填充函数
int Pkcs7Padding(char *data, int len)
{
int padding_len = AES_BLOCK_SIZE - (len % AES_BLOCK_SIZE);
TRACE("data:%s, len:%d, padding_len:%d \n\n", data, len, padding_len);
for (int i = 0; i < padding_len; i++)
{
data[len + i] = (char)padding_len;
}
return len + padding_len;
}
//去除PKCS7填充
int Pkcs7Unpadding(unsigned char *data, int length)
{
/* 取出最后一个字节数据 */
int padding_size = data[length - 1];
TRACE("padding_size:%d ,%d ,%d\n\n", padding_size, data[length - 1], length);
if (padding_size > AES_BLOCK_SIZE || padding_size == 0)
{
TRACE("padding err\n\n");
return -1; // 非法填充
}
int padding_index = length - padding_size;
for (int i = 0; i < padding_size; i++)
{
if (data[padding_index+i] != (unsigned char)padding_size)
{
TRACE("padding err :%d ,%d\n\n", data[padding_index+i], padding_size);
return -1; // 非法填充
}
}
return padding_index;
}
int maintest()
{
/* 256位密钥 */
u8 *key = "171ce897ad494cb289b023cd3c0ceab4";
char plaintext[256] = {0};
/* 加密密文hex */
unsigned char ciphertext[1024];
unsigned char output[1024]; // 解密输出
//sprintf(plaintext, "terminalNumber");
//sprintf(plaintext, "{terminalNumber}");
sprintf(plaintext, "{\"terminalNumber\":\"28b7f2eb-b549-3200-9950-2c6a83cd8af2\"}");
/* PKCS7填充明文 */
int allLen = Pkcs7Padding((char *)plaintext, strlen(plaintext));
/* 加密 */
AesEcb256Pkcs7Encrypt(plaintext, ciphertext, key, allLen);
TRACE("plaintext:%s, len:%d key:%s \n\n", plaintext, allLen, key);
/* 解密 */
AesEcb256Pkcs7Decrypt(ciphertext, output, key, allLen);
/* PKCS7解填充 */
int plaintext_len = Pkcs7Unpadding(output, allLen);
if (plaintext_len == -1)
{
TRACE("AES Decrypt err\n");
}
else
{
TRACE("output:%s [%d]\n\n", output, plaintext_len);
}
return 0;
}
