Usage of AES encryption in OpenSSL

1 Introduction to AES algorithm

Original link:
https://blog.csdn.net/mao834099514/article/details/54945776

1.1 introduction to AES algorithm

The Advanced Encryption Standard (AES), also known in cryptography as the Rijndael encryption method, is a block encryption standard adopted by the federal government of the United States. It replaces the original DES, has been analyzed by many parties, and is widely used all over the world. After a five-year selection process, the Advanced Encryption Standard was released by the National Institute of Standards and Technology (NIST) in FIPS PUB 197 on November 26, 2001, and became an effective standard on May 26, 2002. By 2006, the Advanced Encryption Standard had become one of the most popular algorithms in symmetric key encryption.

As shown in the figure below, the block length of the AES algorithm is 128 bits and the key length is 128 / 192 / 256 bits.

1.2 introduction to AES working mode

1) Introduction to ECB mode

2) Introduction to CBC mode

In the following figure, the IV is generally 16 bytes of zeros, and the length of the data block is an integer multiple of 16 bytes, so an 8-byte data block is added after this data block.

The additional data block is "80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" (the 16 bytes that the CBC branch of the code in section 4.1 appends).

2 AES algorithm ECB mode

2.1 Using the AES_set_encrypt_key function to set the encryption key

Function prototype:

int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);

Function description:

Sets the key for encryption;

Parameter description:

userKey: key value;

bits: key length, in bits. If the key is 16 bytes long, the parameter value should be 128;

key: AES_KEY object pointer;

Return value: 0 on success; -1 if userKey or key is empty (NULL); -2 if the key length is not 128, 192 or 256;

2.2 Using the AES_set_decrypt_key function to set the decryption key

Function prototype:

int AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);

Function description:

Sets the key for decryption;

Parameter description:

userKey: key value;

bits: key length, in bits. If the key is 16 bytes long, the parameter value should be 128;

key: AES_KEY object pointer;

Return value: 0 on success; -1 if userKey or key is empty (NULL); -2 if the key length is not 128, 192 or 256;

2.3 Using the AES_ecb_encrypt function to encrypt and decrypt data

Function prototype:

void AES_ecb_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key, const int enc);

Function description:

AES encryption / decryption of a single data block (16 bytes), ECB mode

Parameter description:

in: data to be encrypted / decrypted;

out: data output after calculation;

key: key;

enc: AES_ENCRYPT stands for encryption, AES_DECRYPT stands for decryption;

3 AES algorithm CBC mode

3.1 Using the AES_set_encrypt_key function to set the encryption key

Function prototype:

int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);

Function description:

Sets the key for encryption;

Parameter description:

userKey: key value;

bits: key length, in bits. If the key is 16 bytes long, the parameter value should be 128;

key: AES_KEY object pointer;

Return value: 0 on success; -1 if userKey or key is empty (NULL); -2 if the key length is not 128, 192 or 256;

3.2 Using the AES_set_decrypt_key function to set the decryption key

Function prototype:

int AES_set_decrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key);

Function description:

Sets the key for decryption;

Parameter description:

userKey: key value;

bits: key length, in bits. If the key is 16 bytes long, the parameter value should be 128;

key: AES_KEY object pointer;

Return value: 0 on success; -1 if userKey or key is empty (NULL); -2 if the key length is not 128, 192 or 256;

3.3 Using the AES_cbc_encrypt function to encrypt and decrypt data

Function prototype:

void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, size_t length, const AES_KEY *key, unsigned char *ivec, const int enc);

Function description:

AES encrypts / decrypts a single data block (16 bytes), CBC mode

Parameter description:

in: data to be encrypted / decrypted;

out: data output after calculation;

length: data length (the initial vector data length is not included here);

key: key;

ivec: initial vector (generally 16 bytes, all zeros);

enc: AES_ENCRYPT stands for encryption, AES_DECRYPT stands for decryption;

4. Encryption and decryption implementation code of AES algorithm in ECB and CBC modes:

4.1 encryption implementation

#include <openssl/aes.h>

void CPage3::OnButtonEncrypt()
{
    unsigned char key_hex[256] = {0};
    unsigned char data_hex[256] = {0};
    unsigned char initval_hex[256] = {0};
    unsigned char temp[256] = {0};
    int i = 0;
    int keylen = 0;
    int datalen = 0;
    int InitialLen = 0;
    AES_KEY key;

    UpdateData(TRUE);

    //Remove spaces from the hex strings entered in the dialog
    m_key.Remove(' ');
    m_data.Remove(' ');
    m_initval.Remove(' ');

    //Two hex characters encode one byte
    keylen = m_key.GetLength()/2;
    datalen = m_data.GetLength()/2;
    InitialLen = m_initval.GetLength()/2;

    if (datalen%16!=0)
    {
        AfxMessageBox("The input data length is not an integer multiple of 16, please re-enter!");
        return;
    }

    //Check the key length before conversion so that key_hex cannot overflow
    if (keylen != 16 && keylen != 24 && keylen != 32)
    {
        AfxMessageBox("The input key length is not 16/24/32 Byte, please re-enter!");
        return;
    }

    //Reserve room for the 16-byte block appended in CBC mode
    if (datalen + 16 > (int)sizeof(data_hex) || InitialLen > (int)sizeof(initval_hex))
    {
        AfxMessageBox("The input data or initial vector is too long, please re-enter!");
        return;
    }

    StrToHex(m_key,key_hex,keylen);
    StrToHex(m_data,data_hex,datalen);
    StrToHex(m_initval,initval_hex,InitialLen);

    //Set encryption key; the length in bits is 128/192/256
    if (AES_set_encrypt_key(key_hex,keylen*8,&key) != 0)
    {
        AfxMessageBox("Failed to set the encryption key!");
        return;
    }

    //ECB mode
    if (((CButton*)GetDlgItem(IDC_RADIO1))->GetCheck())
    {
        for(i = 0;i < datalen/16;i++)
        {
            AES_ecb_encrypt(data_hex+i*16, temp+i*16,&key,AES_ENCRYPT);
        }
    }
    //CBC mode
    else if (((CButton*)GetDlgItem(IDC_RADIO2))->GetCheck())
    {
        //Append the additional block 80 00 ... 00
        memcpy(data_hex+datalen,"\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",16);

        datalen = datalen+16;

        //initval_hex is updated by every call, which chains the blocks
        for(i = 0;i < datalen/16;i++)
        {
            AES_cbc_encrypt(data_hex+i*16, temp+i*16,16,&key,initval_hex, AES_ENCRYPT);
        }
    }

    HexToStr(temp,datalen,m_result);

    UpdateData(FALSE);
}

4.2 decryption implementation

void CPage3::OnButtonDecrypt()
{
    unsigned char key_hex[256] = {0};
    unsigned char data_hex[256] = {0};
    unsigned char initval_hex[256] = {0};
    unsigned char temp[256] = {0};
    int i = 0;
    int keylen = 0;
    int datalen = 0;
    int InitialLen = 0;
    AES_KEY key;

    UpdateData(TRUE);

    //Remove spaces from the hex strings entered in the dialog
    m_key.Remove(' ');
    m_data.Remove(' ');
    m_initval.Remove(' ');

    //Two hex characters encode one byte
    keylen = m_key.GetLength()/2;
    datalen = m_data.GetLength()/2;
    InitialLen = m_initval.GetLength()/2;

    if (datalen%16!=0)
    {
        AfxMessageBox("The input data length is not an integer multiple of 16, please re-enter!");
        return;
    }

    //Check the key length before conversion so that key_hex cannot overflow
    if (keylen != 16 && keylen != 24 && keylen != 32)
    {
        AfxMessageBox("The input key length is not 16/24/32 Byte, please re-enter!");
        return;
    }

    //The converted input must fit into the fixed-size buffers
    if (datalen > (int)sizeof(data_hex) || InitialLen > (int)sizeof(initval_hex))
    {
        AfxMessageBox("The input data or initial vector is too long, please re-enter!");
        return;
    }

    StrToHex(m_key,key_hex,keylen);
    StrToHex(m_data,data_hex,datalen);
    StrToHex(m_initval,initval_hex,InitialLen);

    //Set decryption key; the length in bits is 128/192/256
    if (AES_set_decrypt_key(key_hex,keylen*8,&key) != 0)
    {
        AfxMessageBox("Failed to set the decryption key!");
        return;
    }

    //ECB mode
    if (((CButton*)GetDlgItem(IDC_RADIO1))->GetCheck())
    {
        for(i = 0;i < datalen/16;i++)
        {
            AES_ecb_encrypt(data_hex+i*16, temp+i*16,&key,AES_DECRYPT);
        }
    }
    //CBC mode
    else if (((CButton*)GetDlgItem(IDC_RADIO2))->GetCheck())
    {
        //initval_hex is updated by every call, which chains the blocks
        for(i = 0;i < datalen/16;i++)
        {
            AES_cbc_encrypt(data_hex+i*16, temp+i*16,16,&key,initval_hex, AES_DECRYPT);
        }
    }

    //The output still contains the additional block appended during CBC encryption
    HexToStr(temp,datalen,m_result);

    UpdateData(FALSE);
}
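
The CBC branch in 4.1 appends a block of 80 followed by zeros, and the decryption handler in 4.2 returns that block together with the plaintext. The following added example (not code from the original article) applies and strips this 0x80-then-zeros padding, known as ISO/IEC 7816-4 padding, and generalises it to inputs that are not a multiple of 16 bytes. The names pad_80 and unpad_80 and the sample buffer are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define AES_BLOCK 16

/* Append 0x80 and then zeros up to the next 16-byte boundary.
 * Input that is already block-aligned gets a full extra block, as in 4.1.
 * Returns the padded length, or 0 if buf (capacity cap) is too small. */
size_t pad_80(unsigned char *buf, size_t len, size_t cap)
{
    size_t padded = (len / AES_BLOCK + 1) * AES_BLOCK;
    if (padded > cap)
        return 0;
    buf[len] = 0x80;
    memset(buf + len + 1, 0x00, padded - len - 1);
    return padded;
}

/* Validate and strip the padding from decrypted data.
 * Returns the plaintext length, or -1 if the padding is malformed. */
long unpad_80(const unsigned char *buf, size_t len)
{
    size_t i;
    if (len == 0 || len % AES_BLOCK != 0)
        return -1;
    /* Scan backwards over zeros, but never past the last block. */
    for (i = len; i > len - AES_BLOCK; i--) {
        if (buf[i - 1] == 0x80)
            return (long)(i - 1);   /* marker found: data ends here */
        if (buf[i - 1] != 0x00)
            return -1;              /* anything else is not padding */
    }
    return -1;                      /* no 0x80 marker in the last block */
}

int main(void)
{
    /* Constructed sample: one full 16-byte block of data. */
    unsigned char buf[48] = "0123456789abcdef";
    size_t n = pad_80(buf, 16, sizeof buf);
    printf("padded=%zu unpadded=%ld\n", n, unpad_80(buf, n));
    return 0;
}
```

When the ciphertext is not authenticated, a padding error that the sender of the ciphertext can observe enables padding-oracle attacks on CBC, so verify a MAC over the ciphertext before calling unpad_80.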

5 example 2

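#include <cstdlib>
#include <cstring>
#include <QDebug>
#include <openssl/aes.h>

void Widget::aesInit()
{
    //AES_set_encrypt_key reads 16 bytes for a 128-bit key, so the short
    //key string is copied into a zero-filled 16-byte buffer first
    const char *key_string = "123456";
    unsigned char key[16] = {0};
    memcpy(key, key_string, strlen(key_string));
    AES_KEY aes;
    int i = 0;
    unsigned char out1[16];
    unsigned char out2[16];
    memset(out1,0,16);
    memset(out2,0,16);
    if (AES_set_encrypt_key(key, 128, &aes) < 0) {
        qDebug()<<"Unable to set encryption key in AES";
        exit(-1);
    }
    //15 characters plus the terminating NUL are exactly one 16-byte block
    char temp[16] = "ABCDEDDFDSGFRSF";
    AES_encrypt((unsigned char*)temp,out1,&aes);
    //Print the ciphertext block byte by byte in hex
    for(i = 0;i < 16;i++){
        qDebug("%X",out1[i]);
    }
    if (AES_set_decrypt_key(key, 128, &aes) < 0) {
        qDebug()<<"Unable to set decryption key in AES";
        exit(-1);
    }
    AES_decrypt(out1,out2,&aes);
    //out2 ends with the NUL taken over from temp, so it prints as a string
    qDebug()<<"temp="<<temp<<"out2="<<(const char*)out2;
}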

Added by Glen on Sat, 13 Nov 2021 05:01:16 +0200