C++ 中密码学应用技术详解
密码学是研究信息加密、解密和认证的科学,它在保护信息安全、确保数据传输安全等方面发挥着至关重要的作用。C++ 作为一种高性能的编程语言,在密码学领域有着广泛的应用。本文将围绕 C++ 语言,探讨密码学在 C++ 中的应用技术,包括对称加密、非对称加密、哈希函数和数字签名等。
一、对称加密
对称加密是一种加密和解密使用相同密钥的加密方式。在 C++ 中,可以使用各种库来实现对称加密,如 OpenSSL。
1.1 OpenSSL 库
OpenSSL 是一个开源的加密库,支持多种加密算法。以下是一个使用 OpenSSL 实现AES对称加密的示例代码:
cpp
include
include
include
int main() {
const int keySize = 16; // AES-128
unsigned char key[keySize];
RAND_bytes(key, keySize);
const int ivSize = 16; // AES-128
unsigned char iv[ivSize];
RAND_bytes(iv, ivSize);
const int dataSize = 64;
unsigned char data[dataSize] = "Hello, World!";
unsigned char encrypted[dataSize];
unsigned char decrypted[dataSize];
AES_keysetup(key, keySize 8, AES_ENCRYPT, iv);
AES_cbc_encrypt(data, encrypted, dataSize, key, iv, AES_ENCRYPT);
AES_keysetup(key, keySize 8, AES_DECRYPT, iv);
AES_cbc_encrypt(encrypted, decrypted, dataSize, key, iv, AES_DECRYPT);
std::cout << "Original: " << std::string(data, dataSize) << std::endl;
std::cout << "Encrypted: " << std::string(encrypted, dataSize) << std::endl;
std::cout << "Decrypted: " << std::string(decrypted, dataSize) << std::endl;
return 0;
}
1.2 Crypto++ 库
Crypto++ 是一个开源的加密库,提供了多种加密算法的实现。以下是一个使用 Crypto++ 实现AES对称加密的示例代码:
cpp
include
include
include
include
include
include
int main() {
const std::string key = "1234567890123456"; // 16字节密钥
const std::string iv = "1234567890123456"; // 16字节初始化向量
std::string data = "Hello, World!";
CryptoPP::AES::SetKey(key.data(), key.size() 8);
CryptoPP::StringSource ss1(data, true, new CryptoPP::StreamTransformationFilter(
new CryptoPP::AES::CBC::DecryptionFilter(
new CryptoPP::StringSink(decrypted),
new CryptoPP::PKCS7(CryptoPP::AES::blockSize())
), new CryptoPP::HexDecoder(new CryptoPP::StringSink(decrypted))));
std::string decrypted;
CryptoPP::AES::SetKey(key.data(), key.size() 8);
CryptoPP::StringSource ss2(decrypted, true, new CryptoPP::StreamTransformationFilter(
new CryptoPP::AES::CBC::EncryptionFilter(
new CryptoPP::StringSink(encrypted),
new CryptoPP::PKCS7(CryptoPP::AES::blockSize())
), new CryptoPP::HexEncoder(new CryptoPP::StringSink(encrypted))));
std::string encrypted;
std::cout << "Original: " << data << std::endl;
std::cout << "Encrypted: " << encrypted << std::endl;
std::cout << "Decrypted: " << decrypted << std::endl;
return 0;
}
二、非对称加密
非对称加密使用一对密钥,即公钥和私钥。公钥用于加密,私钥用于解密。在 C++ 中,可以使用 OpenSSL 或 Crypto++ 库来实现非对称加密。
2.1 OpenSSL 库
以下是一个使用 OpenSSL 实现RSA非对称加密的示例代码:
cpp
include
include
include
include
int main() {
// 生成RSA密钥对
BIGNUM bn = BN_new();
BN_set_word(bn, RSA_F4);
RSA rsa = RSA_new();
RSA_generate_key_ex(rsa, 2048, bn, NULL);
// 将公钥和私钥写入文件
FILE pubFile = fopen("public.pem", "wb");
FILE privFile = fopen("private.pem", "wb");
PEM_write_RSAPublicKey(pubFile, rsa);
PEM_write_RSAPrivateKey(privFile, rsa, NULL, NULL, 0, NULL, NULL);
fclose(pubFile);
fclose(privFile);
// 加载公钥和私钥
FILE pubKeyFile = fopen("public.pem", "rb");
FILE privKeyFile = fopen("private.pem", "rb");
RSA pubKey = PEM_read_RSAPublicKey(pubKeyFile, NULL, NULL, NULL);
RSA privKey = PEM_read_RSAPrivateKey(privKeyFile, NULL, NULL, NULL);
fclose(pubKeyFile);
fclose(privKeyFile);
// 使用公钥加密
unsigned char encrypted = new unsigned char[RSA_size(rsa)];
int encryptedLen = RSA_public_encrypt(5, (unsigned char )"Hello, World!", encrypted, rsa, RSA_PKCS1_PADDING);
std::cout << "Encrypted: " << std::string((char )encrypted, encryptedLen) << std::endl;
// 使用私钥解密
unsigned char decrypted = new unsigned char[RSA_size(rsa)];
int decryptedLen = RSA_private_decrypt(encryptedLen, encrypted, decrypted, rsa, RSA_PKCS1_PADDING);
std::cout << "Decrypted: " << std::string((char )decrypted, decryptedLen) << std::endl;
// 清理资源
RSA_free(rsa);
RSA_free(pubKey);
RSA_free(privKey);
BN_free(bn);
delete[] encrypted;
delete[] decrypted;
return 0;
}
2.2 Crypto++ 库
以下是一个使用 Crypto++ 实现RSA非对称加密的示例代码:
cpp
include
include
include
include
int main() {
CryptoPP::RSA::PrivateKey privateKey;
privateKey.GenerateRandomWithKeySize(2048);
CryptoPP::RSA::PublicKey publicKey;
publicKey = privateKey;
std::string data = "Hello, World!";
std::string encrypted, decrypted;
CryptoPP::StringSource ss1(data, true, new CryptoPP::PKCS1OAEP::Encryption(
publicKey,
new CryptoPP::Base64Decoder(new CryptoPP::StringSink(encrypted))
));
CryptoPP::StringSource ss2(encrypted, true, new CryptoPP::PKCS1OAEP::Decryption(
privateKey,
new CryptoPP::Base64Decoder(new CryptoPP::StringSink(decrypted))
));
std::cout << "Original: " << data << std::endl;
std::cout << "Encrypted: " << encrypted << std::endl;
std::cout << "Decrypted: " << decrypted << std::endl;
return 0;
}
三、哈希函数
哈希函数是一种将任意长度的输入(或“消息”)映射为固定长度的输出(或“哈希值”)的函数。在 C++ 中,可以使用 OpenSSL 或 Crypto++ 库来实现哈希函数。
3.1 OpenSSL 库
以下是一个使用 OpenSSL 实现SHA-256哈希的示例代码:
cpp
include
include
int main() {
const char data = "Hello, World!";
unsigned char hash[SHA256_DIGEST_LENGTH];
SHA256_CTX sha256;
SHA256_Init(&sha256);
SHA256_Update(&sha256, data, strlen(data));
SHA256_Final(hash, &sha256);
std::cout << "SHA-256: ";
for (int i = 0; i < SHA256_DIGEST_LENGTH; i++) {
std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)hash[i];
}
std::cout << std::endl;
return 0;
}
3.2 Crypto++ 库
以下是一个使用 Crypto++ 实现SHA-256哈希的示例代码:
cpp
include
include
include
int main() {
const std::string data = "Hello, World!";
CryptoPP::SHA256 hash;
std::string digest;
hash.Update((const byte)data.data(), data.size());
hash.Final(digest);
std::cout << "SHA-256: ";
CryptoPP::StringSource ss(digest, true, new CryptoPP::HexDecoder(new CryptoPP::StringSink(std::cout)));
std::cout << std::endl;
return 0;
}
四、数字签名
数字签名是一种用于验证消息完整性和身份的技术。在 C++ 中,可以使用 OpenSSL 或 Crypto++ 库来实现数字签名。
4.1 OpenSSL 库
以下是一个使用 OpenSSL 实现RSA数字签名的示例代码:
cpp
include
include
include
include
int main() {
// ...(省略生成密钥对和写入文件的代码)
// 加载私钥
FILE privKeyFile = fopen("private.pem", "rb");
RSA privKey = PEM_read_RSAPrivateKey(privKeyFile, NULL, NULL, NULL);
fclose(privKeyFile);
// 加载公钥
FILE pubKeyFile = fopen("public.pem", "rb");
RSA pubKey = PEM_read_RSAPublicKey(pubKeyFile, NULL, NULL, NULL);
fclose(pubKeyFile);
// 生成签名
unsigned char signature = new unsigned char[RSA_size(privKey)];
int signatureLen = RSA_sign(NID_sha256, (unsigned char )"Hello, World!", strlen("Hello, World!"), signature, privKey);
// 验证签名
int verifyResult = RSA_verify(NID_sha256, (unsigned char )"Hello, World!", strlen("Hello, World!"), signature, signatureLen, pubKey);
std::cout << "Signature: ";
for (int i = 0; i < signatureLen; i++) {
std::cout << std::hex << std::setw(2) << std::setfill('0') << (int)signature[i];
}
std::cout << std::endl;
std::cout << "Verification: " << (verifyResult ? "Success" : "Failure") << std::endl;
// 清理资源
RSA_free(rsa);
RSA_free(pubKey);
RSA_free(privKey);
BN_free(bn);
delete[] signature;
return 0;
}
4.2 Crypto++ 库
以下是一个使用 Crypto++ 实现RSA数字签名的示例代码:
cpp
include
include
include
include
int main() {
// ...(省略生成密钥对和写入文件的代码)
// 生成签名
CryptoPP::StringSource ss1(data, true, new CryptoPP::PKCS1WithRSAEncryption(
privateKey,
new CryptoPP::Base64Decoder(new CryptoPP::StringSink(signature))
));
// 验证签名
CryptoPP::StringSource ss2(signature, true, new CryptoPP::PKCS1WithRSAEncryption(
publicKey,
new CryptoPP::Base64Decoder(new CryptoPP::StringSink(decrypted))
));
std::cout << "Original: " << data << std::endl;
std::cout << "Signature: " << signature << std::endl;
std::cout << "Verification: " << (decrypted == data ? "Success" : "Failure") << std::endl;
return 0;
}
结论
本文介绍了 C++ 中密码学应用技术,包括对称加密、非对称加密、哈希函数和数字签名。通过使用 OpenSSL 和 Crypto++ 库,我们可以轻松地在 C++ 程序中实现这些密码学功能。在实际应用中,选择合适的加密算法和库对于确保信息安全至关重要。
Comments NOTHING