1# 使用AES对称密钥(ECB模式)加解密(C/C++) 2 3<!--Kit: Crypto Architecture Kit--> 4<!--Subsystem: Security--> 5<!--Owner: @zxz--3--> 6<!--Designer: @lanming--> 7<!--Tester: @PAFT--> 8<!--Adviser: @zengyawen--> 9 10对应的算法规格请查看[对称密钥加解密算法规格:AES](crypto-sym-encrypt-decrypt-spec.md#aes)。 11 12## 在CMake脚本中链接相关动态库 13```txt 14target_link_libraries(entry PUBLIC libohcrypto.so) 15``` 16 17## 开发步骤 18 19**创建对象** 20 21调用[OH_CryptoSymKeyGenerator_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_create)和[OH_CryptoSymKeyGenerator_Generate](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_generate),生成AES算法、128位的对称密钥(OH_CryptoSymKey)。 22 23 如何生成AES对称密钥,开发者可参考下文示例,并结合[对称密钥生成和转换规格:AES](crypto-sym-key-generation-conversion-spec.md#aes)和[随机生成对称密钥](crypto-generate-sym-key-randomly-ndk.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。 24 25**加密** 26 271. 调用[OH_CryptoSymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_create),指定字符串参数'AES128|ECB|PKCS7',创建对称密钥类型为AES128、分组模式为ECB、填充模式为PKCS7的Cipher实例,用于完成加密操作。 28 292. 调用[OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_init),设置模式为加密(CRYPTO_ENCRYPT_MODE),指定加密密钥(OH_CryptoSymKey),初始化加密Cipher实例。 30 313. 加密内容较短时,可以直接调用[OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_final)获取加密后的数据,无需调用[OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_update)。 32 33**解密** 34 351. 调用[OH_CryptoSymCipher_Create](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_create),指定字符串参数'AES128|ECB|PKCS7',创建对称密钥类型为AES128、分组模式为ECB、填充模式为PKCS7的Cipher实例,用于解密操作。 36 372. 调用[OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_init),设置模式为解密(CRYPTO_DECRYPT_MODE),指定解密密钥(OH_CryptoSymKey),初始化解密Cipher实例。 38 393. 当解密内容较短时,可以直接调用[OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_final)获取解密后的数据,无需调用[OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_update)。 40 41**销毁对象** 42 43调用[OH_CryptoSymKeyGenerator_Destroy](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-key-h.md#oh_cryptosymkeygenerator_destroy)销毁密钥生成器。调用[OH_CryptoSymCipher_Destroy](../../reference/apis-crypto-architecture-kit/capi-crypto-sym-cipher-h.md#oh_cryptosymcipher_destroy)销毁密码对象。 44 45```c++ 46#include "CryptoArchitectureKit/crypto_common.h" 47#include "CryptoArchitectureKit/crypto_sym_cipher.h" 48#include <string.h> 49 50static OH_Crypto_ErrCode doTestAesEcb() 51{ 52 OH_CryptoSymKeyGenerator *genCtx = nullptr; 53 OH_CryptoSymCipher *encCtx = nullptr; 54 OH_CryptoSymCipher *decCtx = nullptr; 55 OH_CryptoSymKey *keyCtx = nullptr; 56 char *plainText = const_cast<char *>("this is test"); 57 Crypto_DataBlob input = {.data = (uint8_t *)(plainText), .len = strlen(plainText)}; 58 Crypto_DataBlob encData = {.data = nullptr, .len = 0}; 59 Crypto_DataBlob decData = {.data = nullptr, .len = 0}; 60 61 // 随机生成对称密钥。 62 OH_Crypto_ErrCode ret; 63 ret = OH_CryptoSymKeyGenerator_Create("AES128", &genCtx); 64 if (ret != CRYPTO_SUCCESS) { 65 goto end; 66 } 67 ret = OH_CryptoSymKeyGenerator_Generate(genCtx, &keyCtx); 68 if (ret != CRYPTO_SUCCESS) { 69 goto end; 70 } 71 72 // 加密操作。 73 ret = OH_CryptoSymCipher_Create("AES128|ECB|PKCS7", &encCtx); 74 if (ret != CRYPTO_SUCCESS) { 75 goto end; 76 } 77 ret = OH_CryptoSymCipher_Init(encCtx, CRYPTO_ENCRYPT_MODE, keyCtx, nullptr); // ECB模式params为null。 78 if (ret != CRYPTO_SUCCESS) { 79 goto end; 80 } 81 ret = OH_CryptoSymCipher_Final(encCtx, &input, &encData); 82 if (ret != CRYPTO_SUCCESS) { 83 goto end; 84 } 85 86 // 解密操作。 87 ret = OH_CryptoSymCipher_Create("AES128|ECB|PKCS7", &decCtx); 88 if (ret != CRYPTO_SUCCESS) { 89 goto end; 90 } 91 ret = OH_CryptoSymCipher_Init(decCtx, CRYPTO_DECRYPT_MODE, keyCtx, nullptr); // ECB模式params为null。 92 if (ret != CRYPTO_SUCCESS) { 93 goto end; 94 } 95 ret = OH_CryptoSymCipher_Final(decCtx, &encData, &decData); 96 if (ret != CRYPTO_SUCCESS) { 97 goto end; 98 } 99 100end: 101 OH_CryptoSymCipher_Destroy(encCtx); 102 OH_CryptoSymCipher_Destroy(decCtx); 103 OH_CryptoSymKeyGenerator_Destroy(genCtx); 104 OH_CryptoSymKey_Destroy(keyCtx); 105 OH_Crypto_FreeDataBlob(&encData); 106 OH_Crypto_FreeDataBlob(&decData); 107 return ret; 108} 109``` 110