Encryption and Decryption with a 3DES Symmetric Key (ECB Mode) (C/C++)

For details about the algorithm specifications, see 3DES.

Adding the Dynamic Library in the CMake Script

target_link_libraries(entry PUBLIC libohcrypto.so)

How to Develop

Creating an Object

Call OH_CryptoSymKeyGenerator_Create and OH_CryptoSymKeyGenerator_Generate to generate a 192-bit 3DES symmetric key (OH_CryptoSymKey).

In addition to the example in this topic, 3DES and Converting Binary Data into a Symmetric Key may help you better understand how to generate a 3DES symmetric key pair. Note that the input parameters in the reference documents may be different from those in the example below.

Encrypting a Message

1. Call OH_CryptoSymCipher_Create with the string parameter ‘3DES192|ECB|PKCS7’ to create a Cipher instance for encryption. The key type is 3DES192, block cipher mode is ECB, and the padding mode is PKCS7.

2. Call OH_CryptoSymCipher_Init to initialize the Cipher instance. Specifically, set mode to CRYPTO_ENCRYPT_MODE, and specify the key for encryption (OH_CryptoSymKey).

If ECB mode is used, set params to null.

1. Call OH_CryptoSymCipher_Update to update the data (plaintext) to be encrypted.

   • If a small amount of data is to be encrypted, you can use OH_CryptoSymCipher_Final() immediately after OH_CryptoSymCipher_Init().
   • If a large amount of data is to be encrypted, you can call OH_CryptoSymCipher_Update multiple times to pass in the data by segment.

2. Call OH_CryptoSymCipher_Final to generate the ciphertext.

   • If OH_CryptoSymCipher_Update is used to pass in data, set data to null. If OH_CryptoSymCipher_Final is used to pass in data, pass in the plaintext via data.
   • The output of OH_CryptoSymCipher_Final may be null. To avoid exceptions, always check whether the result is null before accessing specific data.

Decryption

1. Call OH_CryptoSymCipher_Create with the string parameter ‘3DES192|ECB|PKCS7’ to create a Cipher instance for decryption. The key type is 3DES192, block cipher mode is ECB, and the padding mode is PKCS7.

2. Call OH_CryptoSymCipher_Init to initialize the Cipher instance. Specifically, set mode to CRYPTO_DECRYPT_MODE, and specify the key for decryption (OH_CryptoSymKey). When ECB mode is used, pass null to params.

3. Call OH_CryptoSymCipher_Update to update the data (ciphertext) to be decrypted.

   • If a small amount of data is to be encrypted, you can use OH_CryptoSymCipher_Final() immediately after OH_CryptoSymCipher_Init().
   • If a large amount of data is to be encrypted, you can call OH_CryptoSymCipher_Update multiple times to pass in the data by segment.
   • You can determine the method to use based on the data volume. For example, if the data volume is greater than 20 bytes, use OH_CryptoSymCipher_Update.

4. Call OH_CryptoSymCipher_Final to generate the plaintext.

   • If OH_CryptoSymCipher_Update is used to pass in data, set data to null. If OH_CryptoSymCipher_Final is used to pass in data, pass in the ciphertext via data.
   • The output of OH_CryptoSymCipher_Final may be null. To avoid exceptions, always check whether the result is null before accessing specific data.

Destroying Objects

Call OH_CryptoSymKeyGenerator_Destroy, OH_CryptoSymCipher_Destroy, OH_CryptoSymKey_Destroy, and OH_Crypto_FreeDataBlob to release the allocated memory and destroy objects.

Example

If the cipher mode is ECB, you do not need to set encryption and decryption parameters.

If the cipher mode is CBC, CTR, OFB, or CFB, you must set the IV and modify the parameters when the Cipher instance is generated and initialized during encryption and decryption. For details about how to set the IV, see Setting the IV.

#include "CryptoArchitectureKit/crypto_common.h"
#include "CryptoArchitectureKit/crypto_sym_cipher.h"
#include <string.h>

static OH_Crypto_ErrCode doTest3DesEcb()
{
    OH_CryptoSymKeyGenerator *genCtx = nullptr;
    OH_CryptoSymCipher *encCtx = nullptr;
    OH_CryptoSymCipher *decCtx = nullptr;
    OH_CryptoSymKey *keyCtx = nullptr;
    char *plainText = const_cast<char *>("this is test!");
    Crypto_DataBlob input = {.data = (uint8_t *)(plainText), .len = strlen(plainText)};
    Crypto_DataBlob encData = {.data = nullptr, .len = 0};
    Crypto_DataBlob decData = {.data = nullptr, .len = 0};

    // Generate a symmetric key randomly.
    OH_Crypto_ErrCode ret;
    ret = OH_CryptoSymKeyGenerator_Create("3DES192", &genCtx);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    ret = OH_CryptoSymKeyGenerator_Generate(genCtx, &keyCtx);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }

    // Encrypt the message.
    ret = OH_CryptoSymCipher_Create("3DES192|ECB|PKCS7", &encCtx);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    // If CBC, CTR, OFB, or CFB is used, modify the cipher mode and set the IV.
    ret = OH_CryptoSymCipher_Init(encCtx, CRYPTO_ENCRYPT_MODE, keyCtx, nullptr);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    ret = OH_CryptoSymCipher_Final(encCtx, &input, &encData);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }

    // Decrypt the message.
    ret = OH_CryptoSymCipher_Create("3DES192|ECB|PKCS7", &decCtx);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    // If CBC, CTR, OFB, or CFB is used, modify the cipher mode and set the IV.
    ret = OH_CryptoSymCipher_Init(decCtx, CRYPTO_DECRYPT_MODE, keyCtx, nullptr);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    ret = OH_CryptoSymCipher_Final(decCtx, &encData, &decData);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }

end:
    OH_CryptoSymCipher_Destroy(encCtx);
    OH_CryptoSymCipher_Destroy(decCtx);
    OH_CryptoSymKeyGenerator_Destroy(genCtx);
    OH_CryptoSymKey_Destroy(keyCtx);
    OH_Crypto_FreeDataBlob(&encData);
    OH_Crypto_FreeDataBlob(&decData);
    return ret;
}

Setting the IV

The following example demonstrates how to set the IV when the CBC mode is used.

If CBC, CTR, OFB, or CFB mode is used, set the IV in the same way. If ECB mode is used, you do not need to set the decryption parameters.

    OH_CryptoSymCipherParams *params = nullptr;
    uint8_t iv[8] = {1, 2, 4, 12, 3, 4, 2, 3}; // iv is generated from an array of secure random numbers.
    Crypto_DataBlob ivBlob = {.data = iv, .len = sizeof(iv)};

    ret = OH_CryptoSymCipherParams_Create(&params);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    // Set parameters.
    ret = OH_CryptoSymCipherParams_SetParam(params, CRYPTO_IV_DATABLOB, &ivBlob); // You only need to set iv if CBC mode is used.
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    
    // Encrypt data.
    ret = OH_CryptoSymCipher_Create("AES128|CBC|PKCS7", &encCtx);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    ret = OH_CryptoSymCipher_Init(encCtx, CRYPTO_ENCRYPT_MODE, keyCtx, params);
    if (ret != CRYPTO_SUCCESS) {
        goto end;
    }
    // This code snippet only shows the differences between CBC, CTR, OFB, and CFB modes. For details about other processes, see the related development examples.

你可能感兴趣的鸿蒙文章

harmony 鸿蒙Crypto Architecture Kit

harmony 鸿蒙Encryption and Decryption with a 3DES Symmetric Key (ECB Mode) (ArkTS)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (CBC Mode) (C/C++)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (CBC Mode) (ArkTS)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (CCM Mode) (C/C++)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (CCM Mode) (ArkTS)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (ECB Mode) (C/C++)

harmony 鸿蒙Encryption and Decryption with an AES Symmetric Key (ECB Mode) (ArkTS)

harmony 鸿蒙Encryption and Decryption by Segment with an AES Symmetric Key (GCM Mode) (C/C++)

harmony 鸿蒙Encryption and Decryption by Segment with an AES Symmetric Key (GCM Mode) (ArkTS)