• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1# Encryption and Decryption with an SM4 Symmetric Key (ECB Mode) (C/C++)
2
3<!--Kit: Crypto Architecture Kit-->
4<!--Subsystem: Security-->
5<!--Owner: @zxz--3-->
6<!--Designer: @lanming-->
7<!--Tester: @PAFT-->
8<!--Adviser: @zengyawen-->
9
10For details about the algorithm specifications, see [SM4](crypto-sym-encrypt-decrypt-spec.md#sm4).
11
12## Adding the Dynamic Library in the CMake Script
13```txt
14target_link_libraries(entry PUBLIC libohcrypto.so)
15```
16
17**Encryption**
18
191. Call [OH_CryptoSymKeyGenerator_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_create) and [OH_CryptoSymKeyGenerator_Generate](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_generate) to generate a symmetric key (**OH_CryptoSymKey**) with the key algorithm being SM4 and the key length being 128 bits.
20
21   In addition to the example in this topic, [SM4](crypto-sym-key-generation-conversion-spec.md#sm4) and [Randomly Generating a Symmetric Key](crypto-generate-sym-key-randomly-ndk.md) may help you better understand how to generate an SM4 symmetric key. Note that the input parameters in the reference documents may be different from those in the example below.
22
232. Call [OH_CryptoSymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_create) with the string parameter **'SM4_128|ECB|PKCS7'** to create a **Cipher** instance for encryption. The key type is **SM4_128**, block cipher mode is **ECB**, and the padding mode is **PKCS7**.
24
253. Call [OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_ENCRYPT_MODE**, and specify the key for encryption (**OH_CryptoSymKey**).
26
27   When ECB mode is used, pass in **null** in **params**.
28
294. Call [OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_update) to update data (in plaintext).
30
31   - If a small amount of data is to be encrypted, you can use **OH_CryptoSymCipher_Final()** immediately after **OH_CryptoSymCipher_Init()**.
32   - If a large amount of data is to be encrypted, you can call **OH_CryptoSymCipher_Update()** multiple times to pass in the data by segment.
33
345. Call [OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_final) to obtain the encrypted data.
35
36   - If data has been passed in by **OH_CryptoSymCipher_Update()**, pass in **null** in the **data** parameter of **OH_CryptoSymCipher_Final**.
37   - The output of **OH_CryptoSymCipher_Final** may be **null**. To avoid exceptions, always check whether the result is **null** before accessing specific data.
38
396. Call [OH_CryptoSymKeyGenerator_Destroy](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_destroy), [OH_CryptoSymCipher_Destroy](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_destroy), and [OH_CryptoSymCipherParams_Destroy](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipherparams_destroy) to destroy the objects.
40
41**Decryption**
42
431. Call [OH_CryptoSymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_create) with the string parameter **'SM4_128|ECB|PKCS7'** to create a **Cipher** instance for decryption. The key type is **SM4_128**, block cipher mode is **ECB**, and the padding mode is **PKCS7**.
44
452. Call [OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_DECRYPT_MODE**, and specify the key for decryption (**OH_CryptoSymKey**). When ECB mode is used, pass in **null** in **params**.
46
473. Call [OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_update) to update data (in ciphertext).
48
494. Call [OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_final) to obtain the decrypted data.
50
51```c++
52#include "CryptoArchitectureKit/crypto_common.h"
53#include "CryptoArchitectureKit/crypto_sym_cipher.h"
54#include <string.h>
55
56static OH_Crypto_ErrCode doTestSm4Ecb() {
57    OH_CryptoSymKeyGenerator *genCtx = nullptr;
58    OH_CryptoSymCipher *encCtx = nullptr;
59    OH_CryptoSymCipher *decCtx = nullptr;
60    OH_CryptoSymKey *keyCtx = nullptr;
61    OH_CryptoSymCipherParams *params = nullptr;
62    char *plainText = const_cast<char *>("this is test!");
63    Crypto_DataBlob input = {.data = (uint8_t *)(plainText), .len = strlen(plainText)};
64    Crypto_DataBlob outUpdate = {.data = nullptr, .len = 0};
65    Crypto_DataBlob decUpdate = {.data = nullptr, .len = 0};
66
67    // Generate a symmetric key randomly.
68    OH_Crypto_ErrCode ret;
69    ret = OH_CryptoSymKeyGenerator_Create("SM4_128", &genCtx);
70    if (ret != CRYPTO_SUCCESS) {
71        goto end;
72    }
73    ret = OH_CryptoSymKeyGenerator_Generate(genCtx, &keyCtx);
74    if (ret != CRYPTO_SUCCESS) {
75        goto end;
76    }
77    // Create parameters.
78    ret = OH_CryptoSymCipherParams_Create(&params);
79    if (ret != CRYPTO_SUCCESS) {
80        goto end;
81    }
82
83    // Encrypt the message.
84    ret = OH_CryptoSymCipher_Create("SM4_128|ECB|PKCS7", &encCtx);
85    if (ret != CRYPTO_SUCCESS) {
86        goto end;
87    }
88    ret = OH_CryptoSymCipher_Init(encCtx, CRYPTO_ENCRYPT_MODE, keyCtx, params);
89    if (ret != CRYPTO_SUCCESS) {
90        goto end;
91    }
92    ret = OH_CryptoSymCipher_Final(encCtx, &input, &outUpdate);
93    if (ret != CRYPTO_SUCCESS) {
94        goto end;
95    }
96
97    // Decrypt the message.
98    ret = OH_CryptoSymCipher_Create("SM4_128|ECB|PKCS7", &decCtx);
99    if (ret != CRYPTO_SUCCESS) {
100        goto end;
101    }
102    ret = OH_CryptoSymCipher_Init(decCtx, CRYPTO_DECRYPT_MODE, keyCtx, params);
103    if (ret != CRYPTO_SUCCESS) {
104        goto end;
105    }
106    ret = OH_CryptoSymCipher_Final(decCtx, &outUpdate, &decUpdate);
107    if (ret != CRYPTO_SUCCESS) {
108        goto end;
109    }
110    // Release the resources.
111end:
112    OH_CryptoSymCipherParams_Destroy(params);
113    OH_CryptoSymCipher_Destroy(encCtx);
114    OH_CryptoSymCipher_Destroy(decCtx);
115    OH_CryptoSymKeyGenerator_Destroy(genCtx);
116    OH_CryptoSymKey_Destroy(keyCtx);
117    OH_Crypto_FreeDataBlob(&outUpdate);
118    OH_Crypto_FreeDataBlob(&decUpdate);
119    return ret;
120}
121```
122