1# 使用AES对称密钥(GCM模式)分段加解密(ArkTS) 2 3对应的算法规格请查看[对称密钥加解密算法规格:AES](crypto-sym-encrypt-decrypt-spec.md#aes)。 4 5**加密** 6 71. 调用[cryptoFramework.createSymKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesymkeygenerator)、[SymKeyGenerator.generateSymKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesymkey-1),生成密钥算法为AES、密钥长度为128位的对称密钥(SymKey)。 8 9 如何生成AES对称密钥,开发者可参考下文示例,并结合[对称密钥生成和转换规格:AES](crypto-sym-key-generation-conversion-spec.md#aes)和[随机生成对称密钥](crypto-generate-sym-key-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。 10 112. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'AES128|GCM|PKCS7',创建对称密钥类型为AES128、分组模式为GCM、填充模式为PKCS7的Cipher实例,用于完成加密操作。 12 133. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为加密(CryptoMode.ENCRYPT_MODE),指定加密密钥(SymKey)和GCM模式对应的加密参数(GcmParamsSpec),初始化加密Cipher实例。 14 154. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(明文)。 16 17 - 当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。 18 - 建议开发者对每次update的结果都判断是否为null,并在结果不为null时取出其中的数据进行拼接,形成完整的密文。因为在不同的规格下,update的结果可能会受到不同影响。 19 20 1)比如ECB和CBC模式,始终以分组作为基本单位来加密,并输出本次update产生的加密分组结果。即当本次update操作凑满一个分组就输出密文,没有凑满则此次update输出null,将未加密的数据与下次输入的数据拼接凑分组再输出。等到最后doFinal的时候,将未加密的数据,根据指定的填充模式进行填充,在输出剩余加密结果。解密过程中的update同理。 21 22 2)对于流加密模式(比如CTR和OFB模式),通常密文长度和明文长度相等。 23 245. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取加密后的数据。 25 26 - 由于已使用update传入数据,此处data传入null。 27 - doFinal输出结果可能为null,在访问具体数据前,需要先判断结果是否为null,避免产生异常。 28 296. 读取[GcmParamsSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#gcmparamsspec).authTag作为解密的认证信息。 30 31 在GCM模式下,算法库当前只支持16字节的authTag,作为解密时初始化的认证信息。示例中authTag恰好为16字节。 32 33**解密** 34 351. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'AES128|GCM|PKCS7',创建对称密钥类型为AES128、分组模式为GCM、填充模式为PKCS7的Cipher实例,用于完成解密操作。 36 372. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为解密(CryptoMode.DECRYPT_MODE),指定解密密钥(SymKey)和GCM模式对应的解密参数(GcmParamsSpec),初始化解密Cipher实例。 38 393. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(密文)。 40 414. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取解密后的数据。 42 43- 异步方法示例: 44 45 ```ts 46 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 47 import { buffer } from '@kit.ArkTS'; 48 49 function generateRandom(len: number) { 50 let rand = cryptoFramework.createRandom(); 51 let generateRandSync = rand.generateRandomSync(len); 52 return generateRandSync; 53 } 54 55 function genGcmParamsSpec() { 56 let ivBlob = generateRandom(12); 57 let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes 58 let dataAad = new Uint8Array(arr); 59 let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 60 arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes 61 let dataTag = new Uint8Array(arr); 62 let tagBlob: cryptoFramework.DataBlob = { 63 data: dataTag 64 }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption. 65 let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 66 iv: ivBlob, 67 aad: aadBlob, 68 authTag: tagBlob, 69 algName: "GcmParamsSpec" 70 }; 71 return gcmParamsSpec; 72 } 73 let gcmParams = genGcmParamsSpec(); 74 // 分段加密消息。 75 async function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 76 let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 77 await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 78 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 79 let cipherText = new Uint8Array(); 80 for (let i = 0; i < plainText.data.length; i += updateLength) { 81 let updateMessage = plainText.data.subarray(i, i + updateLength); 82 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 83 // 分段update。 84 let updateOutput = await cipher.update(updateMessageBlob); 85 // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式。 86 // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)。 87 let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length); 88 mergeText.set(cipherText); 89 mergeText.set(updateOutput.data, cipherText.length); 90 cipherText = mergeText; 91 } 92 gcmParams.authTag = await cipher.doFinal(null); 93 let cipherBlob: cryptoFramework.DataBlob = { data: cipherText }; 94 return cipherBlob; 95 } 96 // 分段解密消息。 97 async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 98 let decoder = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 99 await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams); 100 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 101 let decryptText = new Uint8Array(); 102 for (let i = 0; i < cipherText.data.length; i += updateLength) { 103 let updateMessage = cipherText.data.subarray(i, i + updateLength); 104 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 105 // 分段update。 106 let updateOutput = await decoder.update(updateMessageBlob); 107 // 把update的结果拼接起来,得到明文。 108 let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length); 109 mergeText.set(decryptText); 110 mergeText.set(updateOutput.data, decryptText.length); 111 decryptText = mergeText; 112 } 113 let decryptData = await decoder.doFinal(null); 114 if (decryptData === null) { 115 console.info('GCM decrypt success, decryptData is null'); 116 } 117 let decryptBlob: cryptoFramework.DataBlob = { data: decryptText }; 118 return decryptBlob; 119 } 120 async function genSymKeyByData(symKeyData: Uint8Array) { 121 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 122 let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 123 let symKey = await aesGenerator.convertKey(symKeyBlob); 124 console.info('convertKey success'); 125 return symKey; 126 } 127 async function aes() { 128 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 129 let symKey = await genSymKeyByData(keyData); 130 let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节。 131 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 132 let encryptText = await encryptMessageUpdateBySegment(symKey, plainText); 133 let decryptText = await decryptMessagePromise(symKey, encryptText); 134 if (plainText.data.toString() === decryptText.data.toString()) { 135 console.info('decrypt ok'); 136 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 137 } else { 138 console.error('decrypt failed'); 139 } 140 } 141 ``` 142 143- 同步方法示例: 144 145 ```ts 146 import { cryptoFramework } from '@kit.CryptoArchitectureKit'; 147 import { buffer } from '@kit.ArkTS'; 148 149 function generateRandom(len: number) { 150 let rand = cryptoFramework.createRandom(); 151 let generateRandSync = rand.generateRandomSync(len); 152 return generateRandSync; 153 } 154 155 function genGcmParamsSpec() { 156 let ivBlob = generateRandom(12); 157 let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes 158 let dataAad = new Uint8Array(arr); 159 let aadBlob: cryptoFramework.DataBlob = { data: dataAad }; 160 arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes 161 let dataTag = new Uint8Array(arr); 162 let tagBlob: cryptoFramework.DataBlob = { 163 data: dataTag 164 }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption. 165 let gcmParamsSpec: cryptoFramework.GcmParamsSpec = { 166 iv: ivBlob, 167 aad: aadBlob, 168 authTag: tagBlob, 169 algName: "GcmParamsSpec" 170 }; 171 return gcmParamsSpec; 172 } 173 let gcmParams = genGcmParamsSpec(); 174 // 分段加密消息。 175 function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) { 176 let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 177 cipher.initSync(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams); 178 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 179 let cipherText = new Uint8Array(); 180 for (let i = 0; i < plainText.data.length; i += updateLength) { 181 let updateMessage = plainText.data.subarray(i, i + updateLength); 182 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 183 // 分段update。 184 let updateOutput = cipher.updateSync(updateMessageBlob); 185 // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式。 186 // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)。 187 let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length); 188 mergeText.set(cipherText); 189 mergeText.set(updateOutput.data, cipherText.length); 190 cipherText = mergeText; 191 } 192 gcmParams.authTag = cipher.doFinalSync(null); 193 let cipherBlob: cryptoFramework.DataBlob = { data: cipherText }; 194 return cipherBlob; 195 } 196 // 分段解密消息。 197 function decryptMessage(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) { 198 let decoder = cryptoFramework.createCipher('AES128|GCM|PKCS7'); 199 decoder.initSync(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams); 200 let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求。 201 let decryptText = new Uint8Array(); 202 for (let i = 0; i < cipherText.data.length; i += updateLength) { 203 let updateMessage = cipherText.data.subarray(i, i + updateLength); 204 let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage }; 205 // 分段update。 206 let updateOutput = decoder.updateSync(updateMessageBlob); 207 // 把update的结果拼接起来,得到明文。 208 let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length); 209 mergeText.set(decryptText); 210 mergeText.set(updateOutput.data, decryptText.length); 211 decryptText = mergeText; 212 } 213 let decryptData = decoder.doFinalSync(null); 214 if (decryptData === null) { 215 console.info('GCM decrypt success, decryptData is null'); 216 } 217 let decryptBlob: cryptoFramework.DataBlob = { data: decryptText }; 218 return decryptBlob; 219 } 220 function genSymKeyByData(symKeyData: Uint8Array) { 221 let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData }; 222 let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128'); 223 let symKey = aesGenerator.convertKeySync(symKeyBlob); 224 console.info('convertKeySync success'); 225 return symKey; 226 } 227 function main() { 228 let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]); 229 let symKey = genSymKeyByData(keyData); 230 let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节。 231 let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) }; 232 let encryptText = encryptMessageUpdateBySegment(symKey, plainText); 233 let decryptText = decryptMessage(symKey, encryptText); 234 if (plainText.data.toString() === decryptText.data.toString()) { 235 console.info('decrypt ok'); 236 console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8')); 237 } else { 238 console.error('decrypt failed'); 239 } 240 } 241 242 ``` 243