C++实现AES算法,ECB/CBC模式,PKCS#7填充加解密

https://blog.csdn.net/qq_28205153/article/details/55798628

首先附上大佬的博文,写得很清楚了,AES-128的加解密。阅读量不是摆着看的,如果非要对内容作深究,

那么也可以结合一下评论,可以算是勘误。

https://zhuanlan.zhihu.com/p/360393988

知乎的这一篇,可以算是对上一篇博客的扩展,毕竟上一篇是固化为了128位密钥。

深入理解以后,肯定知道扩展为192/256位密钥是需要一些修改的。

当然了,知乎这一篇也是有一些错误的。

将(3)里面的
w[i] = w[i-6] xor temp;/*将上一个字(处理或没处理过) 改成 w[i] = w[i-8] xor temp;/*将上一个字(处理或没处理过) 即可。作者应该是复制修改,然后最后一处忘了改了。

本人所写,则结合两篇内容独立进行编写。

https://www.cnblogs.com/hhhhan1025/p/10115567.html

这一篇博客关于密钥扩展的描述些得更加清晰一点,也很推荐。

直接附上代码,内含详细注释。

  1 #ifndef MYAES_H
  2 #define MYAES_H
  3 #include <iostream>
  4 #include <vector>
  5 #include <string.h>
  6 
  7 using namespace std;
  8 
  9 /*
 10  *加密时用于字节代换的S盒
 11  * */
 12 const static unsigned char sbox[16][16]  =
 13 {{0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76},
 14 {0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0},
 15 {0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15},
 16 {0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75},
 17 {0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84},
 18 {0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf},
 19 {0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8},
 20 {0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2},
 21 {0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73},
 22 {0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb},
 23 {0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79},
 24 {0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08},
 25 {0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a},
 26 {0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e},
 27 {0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf},
 28 {0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16}};
 29 
 30 /*
 31  * 解密时用于字节代换的逆S盒
 32  * */
 33 const static unsigned char rsbox[16][16] =
 34 {{0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb},
 35 {0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb},
 36 {0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e},
 37 {0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25},
 38 {0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92},
 39 {0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84},
 40 {0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06},
 41 {0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b},
 42 {0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73},
 43 {0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e},
 44 {0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b},
 45 {0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4},
 46 {0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f},
 47 {0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef},
 48 {0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61},
 49 {0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d}};
 50 
 51 /*
 52  * 用于扩展密钥的轮常量
 53  * */
 54 const static unsigned char rcon[13][4] =
 55 {
 56     {0x01,0x0,0x0,0x0},{0x2,0x0,0x0,0x0},{0x4,0x0,0x0,0x0},{0x8,0x0,0x0,0x0},{0x10,0x0,0x0,0x0},
 57     {0x20,0x0,0x0,0x0},{0x40,0x0,0x0,0x0},{0x80,0x0,0x0,0x0},{0x1b,0x0,0x0,0x0},{0x36,0x0,0x0,0x0},
 58     {0x6c,0x0,0x0,0x0},{0xd8,0x0,0x0,0x0},{0xab,0x0,0x0,0x0}
 59 };
 60 
 61 /*
 62  * 加密时的列混合矩阵
 63  * */
 64 const static unsigned char mixcol[4][4] =
 65 {
 66     {0x2,0x3,0x1,0x1},{0x1,0x2,0x3,0x1},{0x1,0x1,0x2,0x3},{0x3,0x1,0x1,0x2}
 67 };
 68 
 69 /*
 70  * 解密时的列混合矩阵
 71  * */
 72 const static unsigned char rmixcol[4][4] =
 73 {
 74     {0xe,0xb,0xd,0x9},{0x9,0xe,0xb,0xd},{0xd,0x9,0xe,0xb},{0xb,0xd,0x9,0xe}
 75 };
 76 
 77 struct sixteenbyte{
 78     unsigned char s[4][4];
 79 };
 80 struct fourbyte{
 81     unsigned char s[4];
 82 };
 83 enum MODE{
 84     AES_128_ECB,AES_192_ECB,AES_256_ECB,AES_128_CBC,AES_192_CBC,AES_256_CBC
 85 };
 86 enum PADDING{
 87     NOPADDING,ZEROPADDING,PKCS7,OLDPADDING
 88 };
 89 //NOPADDING:不足128bit的部分,不会加密
 90 //ZEROPADDING:不足128bit的部分,使用字节0x0填充,如果数据末尾恰好为0x0,就没办法咯
 91 //PKCS7:不足128bit的部分,缺少几个字节,就填几个字节的几
 92 //OLDPADDING:貌似已经不是标准,这里暂且认为是最后缺少几个字节,前面的字节填0x0,最后一个字节填充几
 93 
 94 class MyAes
 95 {
 96 public:
 97     MyAes();
 98     MyAes(MODE mode = AES_128_ECB,PADDING pad = PKCS7);
 99     unsigned char* encrypt(unsigned char key[],unsigned char textA[],int Textlength = 16);
100     unsigned char* decrypt(unsigned char key[],unsigned char textA[],int Textlength = 16);
101     unsigned char* decrypt_cbc(unsigned char key[],unsigned char textA[],unsigned char ivA[],int Textlength = 16);
102     unsigned char* encrypt_cbc(unsigned char key[],unsigned char textA[],unsigned char ivA[],int Textlength = 16);
103     unsigned char getSBox(unsigned char old);
104     unsigned char getRSBox(unsigned char old);
105     static void printInfo();//打印一些类的使用说明
106     void printTime();//测试的时候打印一下运行时间
107     void printText();
108     unsigned char calcValue_original(unsigned char old,unsigned char value);//有限域内的乘法
109     unsigned char calcValue(unsigned char old,unsigned char value);//有限域内的乘法
110     char basicMulti(char a);//最基本的二元乘法
111     void setMode(MODE mode);//设置加密模式,其实还是长度
112     void setPad(PADDING pad);//设置填充模式
113 
114 private:
115     sixteenbyte text;
116     unsigned char* key;
117     fourbyte* mixWord;//[44]
118 
119     sixteenbyte iv;
120 
121     sixteenbyte* rword;//decrypt2太慢了
122 
123     int keyLength;//128、192、256
124     int wordLength;
125     int keyword;//密钥有多少个字长
126     int encryptTimes;//轮数
127     int beforeTimes;
128     int keybyte;
129 
130     string mod;//enum 定义各种模式
131 
132     MODE m_mode;
133 
134     PADDING m_pad;
135     int time;
136     bool nopad;
137 
138     sixteenbyte moveX(sixteenbyte st);//行移位
139     sixteenbyte rmoveX(sixteenbyte st);//逆行移位
140     void setKey(unsigned char* c);//设置密钥
141     void setText(unsigned char* c);//设置文本
142     void setKeyLength(int length);
143     void colTorow();//密文行列转置
144     void setIv(unsigned char* c);//设置偏移量
145     void addRoundKey(int round);//轮钥密加
146     sixteenbyte changeByte(sixteenbyte old);//加密时的字节代换
147     sixteenbyte rchangeByte(sixteenbyte old);//解密时的字节代换
148     char calc(unsigned char old[],int col);//对加密时对一列数据进行计算
149     char rcalc(unsigned char old[],int col);//解密时对一列数据进行计算
150     sixteenbyte mixCol(sixteenbyte old);//加密时的列混合
151     sixteenbyte rmixCol(sixteenbyte old);//解密时的列混合
152     void encrypt();//最基本的ecb加密
153     void decrypt();//最基本的ecb解密
154     void encrypt_cbc();//最基本的cbc加密
155     void decrypt_cbc();//最基本的cbc解密
156     void xorWithiv();//和偏移向量进行异或
157 
158 };
159 
160 #endif // MYAES_H
  1 #include "myaes.h"
  2 
  3 MyAes::MyAes()
  4 {
  5     setMode(AES_128_ECB);
  6     setPad(PKCS7);
  7     time = 0;
  8 }
  9 
 10 MyAes::MyAes(MODE mode ,PADDING pad)
 11 {
 12     setMode(mode);
 13     setPad(pad);
 14 }
 15 
 16 unsigned char *MyAes::encrypt(unsigned char key[], unsigned char textA[], int Textlength)
 17 {
 18     setKey(key);
 19     unsigned char str[16];
 20     unsigned char* result;
 21     int len = Textlength;
 22     int padLength = 16-len%16;
 23     result = (unsigned char*)malloc(len+padLength);
 24     memcpy(result,textA,len);
 25     len-=16;
 26     memset(str,0,16);
 27     int i=0;
 28     for(i=0;i<=len;i+=16)
 29     {
 30         memcpy(str,textA+i,16);
 31         setText(str);
 32         encrypt();
 33         colTorow();
 34         memcpy(result+i,text.s,16);
 35     }
 36 
 37     if(!nopad)
 38     {
 39         cout<<"tianchong length = "<<padLength<<endl;
 40         if(m_pad == ZEROPADDING)
 41             padLength = 0;
 42         memset(str,padLength,16);
 43         memcpy(str,result+i,len%16);
 44         setText(str);
 45         encrypt();
 46         colTorow();
 47         memcpy(result+i,text.s,16);
 48     }
 49     return result;
 50 }
 51 
 52 unsigned char *MyAes::decrypt(unsigned char key[], unsigned char textA[], int Textlength)
 53 {
 54     setKey(key);
 55     unsigned char str[16];
 56     unsigned char* result;
 57     int len = Textlength;
 58     result = (unsigned char*)malloc(len);
 59     memcpy(result,textA,len);
 60     len-=16;
 61     memset(str,0,16);
 62     for(int i=0;i<=len;i+=16)
 63     {
 64         memcpy(str,textA+i,16);
 65         setText(str);
 66         decrypt();
 67         colTorow();
 68         memcpy(result+i,text.s,16);
 69     }
 70     if(!nopad)
 71     {
 72         len+=16;
 73         int padLength = 0;
 74         if(m_pad == ZEROPADDING)
 75         {
 76             unsigned char temp[16];
 77             memcpy(temp,text.s,16);
 78             for(int j=15;j>=0;j--)
 79             {
 80                 if(temp[j]==0)
 81                     padLength++;
 82             }
 83         }
 84         else
 85         {
 86             padLength = text.s[3][3];
 87 
 88         }
 89         int leftLength = len-padLength;
 90         cout<<leftLength<<endl;
 91         unsigned char* tmp;
 92         tmp = (unsigned char*)malloc(leftLength);
 93         memcpy(tmp,result,leftLength);
 94         return tmp;
 95     }
 96     return result;
 97 }
 98 
 99 //解密必是16的整数倍
100 unsigned char *MyAes::decrypt_cbc(unsigned char key[], unsigned char textA[], unsigned char ivA[], int Textlength)
101 {
102     setIv(ivA);
103     setKey(key);
104     unsigned char str[16];
105     unsigned char* result;
106     int len = Textlength;
107     result = (unsigned char*)malloc(len);
108     memcpy(result,textA,len);
109     len-=16;
110     memset(str,0,16);
111     for(int i=0;i<=len;i+=16)
112     {
113         memcpy(str,textA+i,16);
114         setText(str);
115         decrypt_cbc();
116         setIv(str);
117         colTorow();
118         memcpy(result+i,text.s,16);
119     }
120     if(!nopad)
121     {
122         len+=16;
123         int padLength = 0;
124         if(m_pad == ZEROPADDING)
125         {
126             unsigned char temp[16];
127             memcpy(temp,text.s,16);
128             for(int j=15;j>=0;j--)
129             {
130                 if(temp[j]==0)
131                     padLength++;
132             }
133         }
134         else
135         {
136             padLength = text.s[3][3];
137 
138         }
139         int leftLength = len-padLength;
140         cout<<leftLength<<endl;
141         unsigned char* tmp;
142         tmp = (unsigned char*)malloc(leftLength);
143         memcpy(tmp,result,leftLength);
144         return tmp;
145     }
146     return result;
147 }
148 
149 unsigned char *MyAes::encrypt_cbc(unsigned char key[], unsigned char textA[], unsigned char ivA[], int Textlength)
150 {
151     setIv(ivA);
152     setKey(key);
153 
154     unsigned char str[16];
155     unsigned char* result;
156     int len = Textlength;
157     int padLength = 16-len%16;
158     result = (unsigned char*)malloc(len+padLength);
159     memcpy(result,textA,len);
160     len-=16;
161     memset(str,0,16);
162     int i=0;
163     for(i=0;i<=len;i+=16)
164     {
165         memcpy(str,textA+i,16);
166         setText(str);
167         encrypt_cbc();
168         iv = text;
169         colTorow();
170 
171         memcpy(result+i,text.s,16);
172     }
173     if(!nopad)
174     {
175         cout<<"tianchong length = "<<padLength<<endl;
176         memset(str,padLength,16);
177 //        memset(str,0,16);//memset貌似不是随意分配,与数据大小相关,目前来看,两种方式都可以
178 //        for(int j=0;j<16;j++)
179 //        {
180 //            str[i]^=padLength;
181 //        }
182 //        cout<<"str = "<<str<<endl;
183         memcpy(str,result+i,len%16);
184         setText(str);
185         encrypt_cbc();
186         colTorow();
187         memcpy(result+i,text.s,16);
188     }
189     return result;
190 }
191 
192 /*
193  * 从S盒进行字节代换
194  * */
195 unsigned char MyAes::getSBox(unsigned char old)
196 {
197     return *(sbox[0]+old);//继续减少运算步骤,稍微快一点点,文件大,才有明显差距
198    /*
199     * 以下算是字节代换最基本的解释
200     * */
201     char high = (old&0xf0)>>4;
202     char low = (old&0x0f);
203     return sbox[high][low];
204 }
205 
206 /*
207  * 从逆S盒进行字节代换
208  * */
209 unsigned char MyAes::getRSBox(unsigned char old)
210 {
211     return *(rsbox[0]+old);//快那么一点点,文件大,比较明显
212     char high = (old&0xf0)>>4;
213     char low = (old&0x0f);
214     return rsbox[high][low];
215 }
216 
217 
218 void MyAes::setKeyLength(int length)
219 {
220     keybyte = length>>3;//密钥的字节数量
221     keyLength = length;//密钥的位数,notused
222     keyword = keybyte>>2;//已经有了多少字
223 
224     encryptTimes = keyword + 6;
225     beforeTimes = encryptTimes-1;
226     wordLength = (encryptTimes+1)<<2;//总字数,
227     mixWord = new fourbyte[wordLength];
228     rword = new sixteenbyte[encryptTimes+1];
229 }
230 
231 void MyAes::printInfo()
232 {
233     cout<<"you can setMode or initialize the class use below constant words or num "<<endl;
234     cout<<"AES_128_ECB "<<"or use num 1."<<endl;
235     cout<<"AES_192_ECB "<<"or use num 2."<<endl;
236     cout<<"AES_256_ECB "<<"or use num 3."<<endl;
237     cout<<"AES_128_CBC "<<"or use num 4."<<endl;
238     cout<<"AES_192_CBC "<<"or use num 5."<<endl;
239     cout<<"AES_256_CBC "<<"or use num 6."<<endl;
240     cout<<"this class use AES_128_ECB mode as default if you don't set mode."<<endl;
241 }
242 
243 void MyAes::printTime()
244 {
245     cout<<"time = "<<time<<endl;
246 }
247 
248 void MyAes::printText()
249 {
250     for(int i=0;i<4;i++)
251     {
252         for(int j=0;j<4;j++)
253         {
254             printf("%0x ",text.s[i][j]);
255         }
256         cout<<endl;
257     }
258 }
259 
260 /*
261  * 以下为有限域内乘法的最基本解释,代入任何值,均可计算,效率显而易见的低。算法已知乘法系数value的值,手动写上针对不同value的计算过程即可。
262  * */
263 unsigned char MyAes::calcValue_original(unsigned char old, unsigned char value)
264 {
265     unsigned char result = old;
266     unsigned char calcIndex = 0x80;//对每一位进行计算,最后的结果再一起异或
267     vector<char> calcResult;//保存基本运算的结果
268     while (calcIndex>0) {
269         unsigned char temp = value&calcIndex;
270         old = result;
271         bool first = false;//标志着进行了运算
272         if(temp==1)
273         {
274             calcResult.push_back(result);
275         }
276         while(temp>=2)//根据位置决定进行多少次基本运算,0x2就是一次,0x4就是两次。。。
277         {
278             first = true;
279             old = basicMulti(old);
280             temp>>=1;
281         }
282         if(first)
283         {
284             calcResult.push_back(old);
285         }
286         calcIndex>>=1;
287     }
288     if(calcResult.size()==0)//代表value为0x1
289     {
290         return result;
291     }
292     result = calcResult[0];
293     for(int i=1;i<calcResult.size();i++)
294     {
295         result^=calcResult[i];
296     }
297     return result;
298 }
299 
300 /*
301  * 某个字节根据列混合矩阵的系数进行运算
302  * */
303 unsigned char MyAes::calcValue(unsigned char old, unsigned char value)
304 {
305     if (value == 0xd)//8+4+1
306     {
307         char tmp = basicMulti(basicMulti(old));
308         return basicMulti(tmp)^tmp^old;
309 //            return basicMulti(basicMulti(basicMulti(old))) ^ basicMulti(basicMulti(old)) ^ old; //这种写法按照加法进行展开,再提取合并以下,实测会更快。
310     }
311     if (value == 0x9)//8+1
312     {
313         return basicMulti(basicMulti(basicMulti(old))) ^ old;
314     }
315     if (value == 0xe)//8+4+2
316     {
317         char a = basicMulti(old);
318         char b = basicMulti(a);
319         return basicMulti(b)^b^a;
320 //            return basicMulti(basicMulti(basicMulti(old))) ^ basicMulti(basicMulti(old)) ^ basicMulti(old);//同样是进行提取
321     }
322     if (value == 0xb)//8+2+1
323     {
324         char a = basicMulti(old);
325         return basicMulti(basicMulti(a))^a^old;
326 //            return basicMulti(basicMulti(basicMulti(old))) ^ basicMulti(old) ^ old;//再次提取,稍微提高了运行效率
327     }
328     if (value == 0x1)//代表value为0x1
329     {
330         return old;
331     }
332     if (value == 0x2)
333     {
334         return basicMulti(old);
335     }
336     if (value == 0x3)//2+1
337     {
338         return basicMulti(old) ^ old;
339     }
340 }
341 
342 /*
343  * 列混合时,对一个字节最基本的计算
344  * */
345 
346 char MyAes::basicMulti(char a)
347 {
348     return (a<<1)^((a>>7&0x1)*0x1b);
349     //        return (a<<1)^(((a>>7&0x1)==0x0)?0x0:0x1b);//只不过是下面的简写而已,还是很慢
350     /*
351      * 基本乘法,判断该字节的第一位是否为1,该字节左移一位,补0,第一位为1,还要和0x1b进行异或;下面的写法就是基操,效率毫无疑问会比上面慢很多
352      * */
353     char first = a>>7&0x1;
354     a<<=1;
355     if(first==1)
356     {
357         a^=0x1b;
358     }
359     return a;
360 }
361 
362 void MyAes::setMode(MODE mode)
363 {
364     switch (mode) {
365     case AES_128_ECB:
366         setKeyLength(128);
367         this->m_mode = mode;
368         break;
369     case AES_192_ECB:
370         setKeyLength(192);
371         this->m_mode = mode;
372         break;
373     case AES_256_ECB:
374         setKeyLength(256);
375         this->m_mode = mode;
376         break;
377     case AES_128_CBC:
378         setKeyLength(128);
379         this->m_mode = mode;
380         break;
381     case AES_192_CBC:
382         setKeyLength(192);
383         this->m_mode = mode;
384         break;
385     case AES_256_CBC:
386         setKeyLength(256);
387         this->m_mode = mode;
388         break;
389     default:
390         setKeyLength(128);
391         this->mod = AES_128_ECB;
392         break;
393     }
394 
395 }
396 
397 //默认为PKCS7
398 void MyAes::setPad(PADDING pad)
399 {
400     nopad = false;
401     switch (pad) {
402     case NOPADDING:
403         this->m_pad = pad;
404         nopad = true;
405         break;
406     case ZEROPADDING:
407         this->m_pad = pad;
408         break;
409     case PKCS7:
410         this->m_pad = pad;
411         break;
412     case OLDPADDING:
413         this->m_pad = pad;
414         break;
415     default:
416         this->m_pad = PKCS7;
417         break;
418     }
419 }
420 
421 /*
422  * 行移位
423  * */
424 sixteenbyte MyAes::moveX(sixteenbyte old)
425 {
426     sixteenbyte ne;
427     for(int i=0;i<4;i++)
428     {
429         for(int j=0;j<4;j++)
430         {
431             ne.s[i][j] = old.s[i][(j+i)%4];
432         }
433     }
434     return ne;
435 }
436 
437 
438 /*
439  * 逆行移位
440  * */
441 sixteenbyte MyAes::rmoveX(sixteenbyte old)
442 {
443     sixteenbyte ne;
444     for(int i=0;i<4;i++)
445     {
446         for(int j=3;j>=0;j--)
447         {
448             ne.s[i][j] = old.s[i][(j-i+4)%4];
449         }
450     }
451     return ne;
452 }
453 
454 /*
455  * 输入密钥,并进行扩展
456  * */
457 void MyAes::setKey(unsigned char *c)
458 {
459     key = (unsigned char*)malloc(keybyte);
460     memcpy(key,c,keybyte);
461 //    cout<<"keybyte = "<<keybyte<<endl;
462 //    cout<<"keyword = "<<keyword<<endl;
463 //    cout<<"wordlength = "<<wordLength<<endl;
464     memcpy(mixWord,key,keybyte);//以密钥作为字
465     for(int i=keyword;i<wordLength;i++)//后40个word
466     {
467         if(i%keyword!=0)//不是4的倍数,word[i] = word[i-4]^word[i-1]
468         {
469             fourbyte temp = mixWord[i-1];
470             for(int j=0;j<4;j++)
471             {
472                 if(i%keyword==4&&keyword>6)
473                 {
474                     temp.s[j] = getSBox(temp.s[j]);
475                 }
476                 mixWord[i].s[j] = mixWord[i-keyword].s[j]^temp.s[j];
477             }
478         }
479         else//4的倍数,word[i] = word[i-4]^T(word[i-1]),T代表字节左移一位,S盒字节代换,根据轮数与轮常量进行异或
480         {
481             fourbyte temp = mixWord[i-1];
482             for(int j=0;j<4;j++)
483             {
484 //                    printf("j = %d old = %0x\n",j,temp.s[j]);
485                 temp.s[j] = mixWord[i-1].s[(j+1)%4];//字循环
486 //                    printf("j = %d temp = %0x\n",j,temp.s[j]);
487                 temp.s[j] = getSBox(temp.s[j]);//字节代换
488 //                    printf("daihuan j = %d temp = %0x\n",j,temp.s[j]);
489 //                    printf("lunzi %0x \n",rcon[((i%4)-1)][j]);
490                 temp.s[j] = temp.s[j]^rcon[(i/keyword-1)][j];//轮常量异或
491 //                    printf("ron j = %d temp = %0x\n",j,temp.s[j]);
492                 mixWord[i].s[j] = mixWord[i-keyword].s[j]^temp.s[j];
493             }
494 
495         }
496     }
497 }
498 
499 void MyAes::setText(unsigned char *c)
500 {
501     for(int i=0;i<4;i++)
502     {
503         for(int j=0;j<4;j++)
504         {
505             text.s[j][i] = (*c++);
506         }
507     }
508 }
509 
510 void MyAes::colTorow()
511 {
512     for(int i=0;i<4;i++)
513     {
514         for(int j=i+1;j<4;j++)
515         {
516             char tmp = text.s[i][j]^text.s[j][i];
517             text.s[i][j]^=tmp;
518             text.s[j][i]^=tmp;
519         }
520     }
521 }
522 
523 /*
524  * 输入偏移量
525  * */
526 void MyAes::setIv(unsigned char *c)
527 {
528     for(int i=0;i<4;i++)
529     {
530         for(int j=0;j<4;j++)
531         {
532             iv.s[j][i] = (*c++);
533         }
534     }
535 }
536 
537 /*
538  * 轮钥密加
539  * */
540 void MyAes::addRoundKey(int round)
541 {
542     for(int i=0;i<4;i++)
543     {
544         fourbyte temp = mixWord[round*4+i];
545         for(int j=0;j<4;j++)
546         {
547             text.s[j][i]^=temp.s[j];
548         }
549     }
550 }
551 
552 /*
553  * 加密时的字节代换
554  * */
555 sixteenbyte MyAes::changeByte(sixteenbyte old)
556 {
557     for(int i=0;i<4;i++)
558     {
559         for(int j=0;j<4;j++)
560         {
561             old.s[i][j] = getSBox(old.s[i][j]);
562         }
563     }
564     return old;
565 }
566 
567 /*
568  * 解密时的逆字节代换
569  * */
570 sixteenbyte MyAes::rchangeByte(sixteenbyte old)
571 {
572     for(int i=0;i<4;i++)
573     {
574         for(int j=0;j<4;j++)
575         {
576             old.s[i][j] = getRSBox(old.s[i][j]);
577         }
578     }
579     return old;
580 }
581 
582 /*
583  * 4字节的数据,分别根据col那一行的列混合矩阵系数进行基本运算,结果一起进行异或
584  * */
585 char MyAes::calc(unsigned char old[], int col)
586 {
587     for(int i=0;i<4;i++)
588     {
589         old[i] = calcValue(old[i],mixcol[col][i]);
590     }
591 
592     return old[0]^old[1]^old[2]^old[3];//4个字节的计算结果异或后返回
593 }
594 
595 char MyAes::rcalc(unsigned char old[], int col)
596 {
597     for(int i=0;i<4;i++)
598     {
599         old[i] = calcValue(old[i],rmixcol[col][i]);
600     }
601     return old[0]^old[1]^old[2]^old[3];
602 }
603 
604 /*
605  * 列混合,实质为4字节的数据根据行数使用列混合矩阵某一行的乘法系数
606  * */
607 sixteenbyte MyAes::mixCol(sixteenbyte old)
608 {
609     sixteenbyte temp;
610     for(int i=0;i<4;i++)
611     {
612         for(int j=0;j<4;j++)
613         {
614             unsigned char tmp[4];//以列为计算方向
615             tmp[0] = old.s[0][j];
616             tmp[1] = old.s[1][j];
617             tmp[2] = old.s[2][j];
618             tmp[3] = old.s[3][j];
619 //                temp.s[i][j] = calc(old.s[j],i);
620             temp.s[i][j] = calc(tmp,i);
621         }
622     }
623     return temp;
624 }
625 
626 sixteenbyte MyAes::rmixCol(sixteenbyte old)
627 {
628     sixteenbyte temp;
629     for(int i=0;i<4;i++)
630     {
631         for(int j=0;j<4;j++)
632         {
633             unsigned char tmp[4];
634             tmp[0] = old.s[0][j];
635             tmp[1] = old.s[1][j];
636             tmp[2] = old.s[2][j];
637             tmp[3] = old.s[3][j];
638             temp.s[i][j] = rcalc(tmp,i);
639         }
640     }
641     return temp;
642 }
643 
644 void MyAes::encrypt()
645 {
646     addRoundKey(0);
647     for(int i=1;i<=beforeTimes;i++)
648     {
649         text = changeByte(text);//字节代换
650         text = moveX(text);//行移位
651         text = mixCol(text);//列混合
652         addRoundKey(i);//轮密钥加
653     }
654     //第10轮
655     text = changeByte(text);//字节代换
656     text = moveX(text);//行移位
657     addRoundKey(encryptTimes);//轮密钥加
658 
659     //        printText();
660 }
661 
662 void MyAes::decrypt()
663 {
664     addRoundKey(encryptTimes);
665     text = rmoveX(text);
666     text = rchangeByte(text);
667     for(int i=beforeTimes;i>=1;i--)
668     {
669         addRoundKey(i);
670         text = rmixCol(text);
671         text = rmoveX(text);
672         text = rchangeByte(text);
673     }
674     addRoundKey(0);
675 }
676 
677 void MyAes::encrypt_cbc()
678 {
679     xorWithiv();
680     addRoundKey(0);
681     for(int i=1;i<=beforeTimes;i++)
682     {
683         text = changeByte(text);//字节代换
684         text = moveX(text);//行移位
685         text = mixCol(text);//列混合
686         addRoundKey(i);//轮密钥加
687     }
688     //第10轮
689     text = changeByte(text);//字节代换
690     text = moveX(text);//行移位
691     addRoundKey(encryptTimes);//轮密钥加
692 }
693 
694 void MyAes::decrypt_cbc()
695 {
696     addRoundKey(encryptTimes);
697     text = rmoveX(text);
698     text = rchangeByte(text);
699     for(int i=beforeTimes;i>=1;i--)
700     {
701         addRoundKey(i);
702         text = rmixCol(text);
703         text = rmoveX(text);
704         text = rchangeByte(text);
705     }
706     addRoundKey(0);
707     xorWithiv();
708 }
709 
710 /*
711  * 和偏移向量进行异或
712  * */
713 void MyAes::xorWithiv()
714 {
715     for(int i=0;i<4;i++)
716     {
717         for(int j=0;j<4;j++)
718         {
719             text.s[i][j]^=iv.s[i][j];
720         }
721     }
722 }

本人其实也只是测试了PKCS7模式的加解密,所得结果和php的openssl一致。其实填充其实也没啥问题。

注释也写得挺详细。

本人只实现了CBC/ECB模式,其他3种不太常用的,直接PASS。效率的话,肯定是有待提高的。反正会比php慢很多。

本人虽然学了挺久的C语言,但是几乎没用过位操作,以前看见位操作的算法,就敬而远之。

这次写了这个练手,感觉进步还是蛮大的,也理解了那些算法不是为了晦涩难懂才写成那样,而是为了追求极致的效率。

还有就是指针操作,有待加强。

posted @ 2021-10-01 12:28  念秋  阅读(5759)  评论(0编辑  收藏  举报