1# Encryption and Decryption with an RSA Asymmetric Key Pair (PKCS1) (C/C++) 2 3<!--Kit: Crypto Architecture Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @zxz--3--> 6<!--Designer: @lanming--> 7<!--Tester: @PAFT--> 8<!--Adviser: @zengyawen--> 9 10For details about the algorithm specifications, see [RSA](crypto-asym-encrypt-decrypt-spec.md#rsa). 11 12**Encryption** 13 141. Call [OH_CryptoAsymKeyGenerator_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-key-h.md#oh_cryptoasymkeygenerator_create) and [OH_CryptoAsymKeyGenerator_Generate](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-key-h.md#oh_cryptoasymkeygenerator_generate) to generate an asymmetric key pair (**keyPair**) of the RSA1024 type with two prime numbers. The **keyPair** object includes a public key (**PubKey**) and a private key (**PriKey**). 15 16 For details about how to generate an RSA asymmetric key pair, see the following example. To learn more, see [RSA](crypto-asym-key-generation-conversion-spec.md#rsa) and [Randomly Generating an Asymmetric Key Pair](crypto-generate-asym-key-pair-randomly.md). There may be differences between the input parameters in the reference documents and those in the following example. 17 182. Call [OH_CryptoAsymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_create) with the string parameter **'RSA1024|PKCS1'** to create a **Cipher** instance for encryption. The key type is **RSA1024**, and the padding mode is **PKCS1**. 19 203. Call [OH_CryptoAsymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_ENCRYPT_MODE**, and specify the key for encryption (**keyPair**). 21 224. Call [OH_CryptoAsymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_final) and pass the plaintext to obtain the encrypted data. 23 24 - The output of **OH_CryptoAsymCipher_Final** may be **NULL**. To avoid exceptions, always check whether the result is **NULL** before accessing specific data. 25 - If the data to be encrypted is considerably long, you can call **OH_CryptoAsymCipher_Final** multiple times to [pass in and encrypt the data by segment](crypto-rsa-asym-encrypt-decrypt-by-segment-ndk.md). 26 27**Decryption** 28 291. If RSA is used, the **Cipher** instance cannot be initialized repeatedly. Call [OH_CryptoAsymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_create) to create a new **Cipher** instance. 30 312. Call [OH_CryptoAsymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_DECRYPT_MODE**, and specify the key for decryption (**keyPair**). 32 333. Call [OH_CryptoAsymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-asym-cipher-h.md#oh_cryptoasymcipher_final) and pass the ciphertext to obtain the decrypted data. 34 35```C++ 36#include "CryptoArchitectureKit/crypto_architecture_kit.h" 37 38static OH_Crypto_ErrCode doTestRsaEncDec() 39{ 40 OH_CryptoAsymKeyGenerator *keyGen = nullptr; 41 OH_Crypto_ErrCode ret = OH_CryptoAsymKeyGenerator_Create("RSA1024", &keyGen); 42 if (ret != CRYPTO_SUCCESS) { 43 return ret; 44 } 45 46 OH_CryptoKeyPair *keyPair = nullptr; 47 ret = OH_CryptoAsymKeyGenerator_Generate(keyGen, &keyPair); 48 if (ret != CRYPTO_SUCCESS) { 49 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 50 return ret; 51 } 52 53 OH_CryptoAsymCipher *cipher = nullptr; 54 ret = OH_CryptoAsymCipher_Create("RSA1024|PKCS1", &cipher); 55 if (ret != CRYPTO_SUCCESS) { 56 OH_CryptoKeyPair_Destroy(keyPair); 57 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 58 return ret; 59 } 60 61 ret = OH_CryptoAsymCipher_Init(cipher, CRYPTO_ENCRYPT_MODE, keyPair); 62 if (ret != CRYPTO_SUCCESS) { 63 OH_CryptoAsymCipher_Destroy(cipher); 64 OH_CryptoKeyPair_Destroy(keyPair); 65 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 66 return ret; 67 } 68 69 const char *testData = "Hello, RSA!"; 70 Crypto_DataBlob in = { 71 .data = (uint8_t *)testData, 72 .len = strlen(testData) 73 }; 74 75 Crypto_DataBlob out = { 0 }; 76 ret = OH_CryptoAsymCipher_Final(cipher, &in, &out); 77 if (ret != CRYPTO_SUCCESS) { 78 OH_CryptoAsymCipher_Destroy(cipher); 79 OH_CryptoKeyPair_Destroy(keyPair); 80 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 81 return ret; 82 } 83 84 OH_CryptoAsymCipher_Destroy(cipher); 85 cipher = nullptr; 86 ret = OH_CryptoAsymCipher_Create("RSA1024|PKCS1", &cipher); 87 if (ret != CRYPTO_SUCCESS) { 88 OH_Crypto_FreeDataBlob(&out); 89 OH_CryptoKeyPair_Destroy(keyPair); 90 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 91 return ret; 92 } 93 94 ret = OH_CryptoAsymCipher_Init(cipher, CRYPTO_DECRYPT_MODE, keyPair); 95 if (ret != CRYPTO_SUCCESS) { 96 OH_CryptoAsymCipher_Destroy(cipher); 97 OH_Crypto_FreeDataBlob(&out); 98 OH_CryptoKeyPair_Destroy(keyPair); 99 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 100 return ret; 101 } 102 Crypto_DataBlob decrypted = { 0 }; 103 ret = OH_CryptoAsymCipher_Final(cipher, &out, &decrypted); 104 if (ret != CRYPTO_SUCCESS) { 105 OH_CryptoAsymCipher_Destroy(cipher); 106 OH_Crypto_FreeDataBlob(&out); 107 OH_CryptoKeyPair_Destroy(keyPair); 108 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 109 return ret; 110 } 111 if ((decrypted.len != strlen(testData)) || (memcmp(decrypted.data, testData, decrypted.len) != 0)) { 112 OH_Crypto_FreeDataBlob(&decrypted); 113 OH_CryptoAsymCipher_Destroy(cipher); 114 OH_Crypto_FreeDataBlob(&out); 115 OH_CryptoKeyPair_Destroy(keyPair); 116 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 117 return CRYPTO_OPERTION_ERROR; 118 } 119 120 OH_Crypto_FreeDataBlob(&decrypted); 121 OH_CryptoAsymCipher_Destroy(cipher); 122 OH_Crypto_FreeDataBlob(&out); 123 OH_CryptoKeyPair_Destroy(keyPair); 124 OH_CryptoAsymKeyGenerator_Destroy(keyGen); 125 return ret; 126} 127``` 128