RabbitCommon v2.2.6
EvpAES.cpp
#include "EvpAES.h"

#include <climits>

#include <openssl/aes.h>
#include <openssl/evp.h>
#include <openssl/ssl.h>
// AES key lengths in bytes (AES-128 / AES-192 / AES-256). The 16-byte value is
// also what the mode wrappers in this file compare the IV length against.
namespace {
constexpr int KEY_SIZE_16B = 16;
constexpr int KEY_SIZE_24B = 24;
constexpr int KEY_SIZE_32B = 32;
} // namespace
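// Allocates the OpenSSL cipher context that encrypt() operates on.
EvpAES::EvpAES()
{
    // EVP_CIPHER_CTX_new() returns NULL when allocation fails; only initialise
    // a context that actually exists so the legacy init call never sees NULL.
    ctx = EVP_CIPHER_CTX_new();
    if (ctx)
    {
        EVP_CIPHER_CTX_init(ctx);
    }
}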
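// Releases the cipher context owned by this object.
// NOTE(review): ctx is a raw owning pointer; if the class (header not shown
// here) is copyable, two objects would free the same context — confirm that
// copying is disabled.
EvpAES::~EvpAES()
{
    // Skip the cleanup call when the constructor failed to allocate a context.
    if (ctx)
    {
        // Clear cipher state held in the context before the memory is returned.
        EVP_CIPHER_CTX_cleanup(ctx);
        EVP_CIPHER_CTX_free(ctx);
        ctx = nullptr;
    }
}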
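// AES-ECB encryption or decryption; the AES variant follows the key length.
//
// ECB takes no IV and is deterministic: equal plaintext blocks under the same
// key produce equal ciphertext blocks, and nothing authenticates the result.
// Prefer an authenticated mode for new data.
//
// in  : input bytes (plaintext when enc is true, ciphertext otherwise)
// out : receives the result
// key : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// enc : true to encrypt, false to decrypt
// Returns false for an unsupported key length, otherwise the result of encrypt().
bool EvpAES::ecb_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, bool enc)
{
    // The key length is validated at runtime: Q_ASSERT is compiled out of
    // release builds, and an unchecked short key would fall through to
    // AES-256 and make OpenSSL read past the end of the key buffer.
    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_ecb();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_ecb();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_ecb();
        break;
    default:
        return false;
    }

    // ECB uses no IV, so an empty array is passed in its place.
    return encrypt(in, out, key, QByteArray(), cipher, enc);
}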
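// AES-CBC encryption or decryption; the AES variant follows the key length.
//
// CBC output is not authenticated: callers that must detect tampering need a
// MAC over IV and ciphertext, verified before decrypting. The IV should be
// unpredictable and never reused with the same key. Nothing in this file
// disables OpenSSL's default block padding.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::cbc_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_cbc();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_cbc();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_cbc();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}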
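// AES-CFB1 (1-bit feedback) encryption or decryption; the AES variant follows
// the key length.
//
// CFB output is not authenticated, and the IV must not repeat under the same
// key.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::cfb1_encrypt(const QByteArray &in, QByteArray &out,
                          const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_cfb1();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_cfb1();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_cfb1();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}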
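// AES-CFB8 (8-bit feedback) encryption or decryption; the AES variant follows
// the key length.
//
// CFB output is not authenticated, and the IV must not repeat under the same
// key.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::cfb8_encrypt(const QByteArray &in, QByteArray &out,
                          const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_cfb8();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_cfb8();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_cfb8();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}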
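// AES-CFB128 (full-block feedback) encryption or decryption; the AES variant
// follows the key length.
//
// CFB output is not authenticated, and the IV must not repeat under the same
// key.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::cfb128_encrypt(const QByteArray &in, QByteArray &out,
                            const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_cfb128();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_cfb128();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_cfb128();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}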
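// AES-OFB encryption or decryption; the AES variant follows the key length.
//
// OFB produces a keystream from key and IV alone, so reusing an IV with the
// same key reuses the keystream. The output is not authenticated.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::ofb128_encrypt(const QByteArray &in, QByteArray &out,
                            const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_ofb();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_ofb();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_ofb();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}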
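// AES-CTR encryption or decryption; the AES variant follows the key length.
//
// CTR produces a keystream from key and initial counter block alone, so
// reusing a counter block with the same key reuses the keystream. The output
// is not authenticated.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initial counter block
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::ctr_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_ctr();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_ctr();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_ctr();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}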
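// AES-GCM encryption or decryption; the AES variant follows the key length.
//
// NOTE(review): this wrapper does not expose the GCM authentication tag. The
// shared encrypt() helper neither reads the tag after encryption
// (EVP_CTRL_GCM_GET_TAG) nor supplies the expected tag before the final
// decrypt step (EVP_CTRL_GCM_SET_TAG). Ciphertext produced here therefore
// carries no integrity protection, and decryption is expected to fail at
// finalisation. Handling the tag needs an extra parameter, i.e. an interface
// change.
// NOTE(review): a 16-byte IV is required here, but the IV length is never set
// on the context (EVP_CTRL_GCM_SET_IVLEN); with OpenSSL's default GCM IV
// length of 12 bytes only the leading bytes would be consumed — confirm.
// A GCM IV must never repeat under the same key.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or IV length, otherwise the result of
// encrypt().
bool EvpAES::gcm_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, const QByteArray &ivec, bool enc)
{
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_gcm();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_gcm();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_gcm();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}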
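// AES-XTS encryption or decryption.
//
// An XTS key is two AES keys concatenated, so EVP_aes_128_xts() consumes
// 32 key bytes and EVP_aes_256_xts() consumes 64. The previous mapping
// (16 bytes -> AES-128-XTS, 32 bytes -> AES-256-XTS) handed OpenSSL a buffer
// half the size it reads, i.e. an out-of-bounds read of the key array.
// Callers must now pass the full 32- or 64-byte XTS key; a 16-byte key is
// rejected. XTS output is not authenticated.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 32 bytes for AES-128-XTS, 64 bytes for AES-256-XTS
// ivec : 16-byte tweak value
// enc  : true to encrypt, false to decrypt
// Returns false for an unsupported key or tweak length, otherwise the result
// of encrypt().
bool EvpAES::xts_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, const QByteArray &ivec, bool enc)
{
    constexpr int kXts128KeyBytes = 2 * KEY_SIZE_16B; // two AES-128 keys
    constexpr int kXts256KeyBytes = 2 * KEY_SIZE_32B; // two AES-256 keys

    // Checked at runtime because Q_ASSERT is compiled out of release builds.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    if (key.size() == kXts128KeyBytes)
    {
        cipher = EVP_aes_128_xts();
    }
    else if (key.size() == kXts256KeyBytes)
    {
        cipher = EVP_aes_256_xts();
    }
    else
    {
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
}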
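// AES-OCB encryption or decryption; the AES variant follows the key length.
// Only compiled in for OpenSSL 3.x builds that include OCB; otherwise the
// function always returns false.
//
// NOTE(review): OCB is an authenticated mode, but the shared encrypt() helper
// neither reads the tag after encryption (EVP_CTRL_AEAD_GET_TAG) nor supplies
// the expected tag before the final decrypt step (EVP_CTRL_AEAD_SET_TAG), so
// this wrapper gives no usable integrity check — confirm and extend the
// interface with a tag parameter.
// NOTE(review): a 16-byte IV is required here, but the IV length is never set
// on the context (EVP_CTRL_AEAD_SET_IVLEN); OpenSSL's default OCB IV length is
// presumably shorter, in which case only the leading bytes are consumed —
// confirm.
//
// in   : input bytes (plaintext when enc is true, ciphertext otherwise)
// out  : receives the result
// key  : 16, 24 or 32 bytes, selecting AES-128 / AES-192 / AES-256
// ivec : 16-byte initialisation vector
// enc  : true to encrypt, false to decrypt
// Returns false when OCB is unavailable or a length is unsupported, otherwise
// the result of encrypt().
bool EvpAES::ocb_encrypt(const QByteArray &in, QByteArray &out,
                         const QByteArray &key, const QByteArray &ivec, bool enc)
{
#if OPENSSL_VERSION_NUMBER >= 0x3000000fL && !defined(OPENSSL_NO_OCB)
    // Lengths are validated at runtime: Q_ASSERT is compiled out of release
    // builds, and OpenSSL reads a fixed number of key and IV bytes regardless
    // of how large the caller's buffers really are.
    if (ivec.size() != KEY_SIZE_16B)
    {
        return false;
    }

    const EVP_CIPHER *cipher = nullptr;
    switch (key.size())
    {
    case KEY_SIZE_16B:
        cipher = EVP_aes_128_ocb();
        break;
    case KEY_SIZE_24B:
        cipher = EVP_aes_192_ocb();
        break;
    case KEY_SIZE_32B:
        cipher = EVP_aes_256_ocb();
        break;
    default:
        return false;
    }

    return encrypt(in, out, key, ivec, cipher, enc);
#else
    // OCB is not available in this build.
    Q_UNUSED(in);
    Q_UNUSED(out);
    Q_UNUSED(key);
    Q_UNUSED(ivec);
    Q_UNUSED(enc);
    return false;
#endif
}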
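// Runs one complete encrypt or decrypt operation (init, update, final) with
// the given cipher on the object's shared context.
//
// in     : input bytes (plaintext when enc is true, ciphertext otherwise)
// out    : receives the result; cleared when the operation fails so callers
//          cannot pick up partial or unverified output
// key    : key bytes; must be exactly as long as the cipher's key
// ivec   : IV bytes; must be at least as long as the cipher's IV
// cipher : OpenSSL cipher descriptor chosen by the mode wrapper
// enc    : true to encrypt, false to decrypt
// Returns true when all three OpenSSL stages report success.
//
// NOTE(review): every call uses the single ctx member, so concurrent calls on
// one EvpAES object would interfere with each other — confirm callers
// serialise access.
bool EvpAES::encrypt(const QByteArray &in, QByteArray &out,
                     const QByteArray &key, const QByteArray &ivec,
                     const EVP_CIPHER *cipher, bool enc)
{
    // ctx is NULL when allocation failed in the constructor.
    if (!ctx || !cipher)
    {
        return false;
    }

    // OpenSSL reads as many key and IV bytes as the cipher defines, whatever
    // the caller's buffers hold; refuse buffers that are too short (or, for
    // the key, of the wrong length) instead of reading past their end.
    if (key.size() != EVP_CIPHER_key_length(cipher)
        || ivec.size() < EVP_CIPHER_iv_length(cipher))
    {
        return false;
    }

    // The EVP API takes int lengths, and one extra block is reserved below.
    if (in.size() > INT_MAX - AES_BLOCK_SIZE)
    {
        return false;
    }
    const int inLen = static_cast<int>(in.size());

    // EVP_CipherInit_ex selects the direction through its last argument and
    // is otherwise equivalent to the separate Encrypt/Decrypt init calls.
    if (EVP_CipherInit_ex(ctx, cipher, nullptr,
                          reinterpret_cast<const unsigned char *>(key.constData()),
                          reinterpret_cast<const unsigned char *>(ivec.constData()),
                          enc ? 1 : 0) != 1)
    {
        return false;
    }

    // Reserve room for the input plus one block in both directions: padding
    // can add up to a block on encryption, and OpenSSL documents the same
    // headroom for the decrypt update call.
    out.resize(inLen + AES_BLOCK_SIZE);
    unsigned char *dst = reinterpret_cast<unsigned char *>(out.data());
    const unsigned char *src =
        reinterpret_cast<const unsigned char *>(in.constData());

    int mlen = 0; // bytes written by the update stage
    int flen = 0; // bytes written by the final stage
    if (EVP_CipherUpdate(ctx, dst, &mlen, src, inLen) != 1
        || EVP_CipherFinal_ex(ctx, dst + mlen, &flen) != 1)
    {
        // A failed final step on decryption means bad padding or a failed
        // check; do not hand the partial output back to the caller.
        out.clear();
        return false;
    }

    // Trim the buffer to what was actually produced.
    out.resize(mlen + flen);
    return true;
}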
// TODO: only install the dependencies libraries(libssl)
// Creates a TLS client SSL_CTX and frees it again when built against
// OpenSSL 3.x; does nothing on older versions. Always returns 0.
// NOTE(review): presumably this exists only to reference a libssl symbol so
// the library is pulled in as a dependency — confirm.
int EvpAES::testSSL()
{
#if OPENSSL_VERSION_NUMBER >= 0x3000000fL
    if (SSL_CTX *probe = SSL_CTX_new(TLS_client_method()))
    {
        SSL_CTX_free(probe);
    }
#endif
    return 0;
}