保存密钥和IV到文件AES实现Crypto ++ [英] Saving key and iv to file AES implementation Crypto++
问题描述
所以我正在使用Crypto ++库来加密文件。我需要保存密钥和iv,以备将来使用。我正在关注本教程。这是我的功能:
So I am using the Crypto++ Library to encrypt a file. I need to save the key and iv for future use. I am following this tutorial. Here is my function :
void AESUtil::encrypt(string filename,bool savekeys,string savefilename){
AutoSeededRandomPool rnd;
// Generate a random key
byte key[AES::DEFAULT_KEYLENGTH];
rnd.GenerateBlock(key, AES::DEFAULT_KEYLENGTH);
// Generate a random IV
byte iv[AES::BLOCKSIZE];
rnd.GenerateBlock(iv, AES::BLOCKSIZE);
Binary b;
string plaintext = b.decoder(filename);
unsigned char *ciphertext= new unsigned char[plaintext.size()+1];
ciphertext[plaintext.size()]='\0';
if(savekeys){
ofstream("key.bin", ios::binary).write((char*)key, sizeof(key));
}
CFB_Mode<AES>::Encryption cfbEncryption(key, AES::DEFAULT_KEYLENGTH, iv);
cfbEncryption.ProcessData(ciphertext,reinterpret_cast<const unsigned char*>(plaintext.c_str()),plaintext.size()+1);
ofstream outfile(savefilename.c_str());
outfile.write((char*)ciphertext,sizeof(ciphertext));
}
文件包含 / 格式的数据。我想知道最好的方法,以编程方式将密钥和iv保存为文件的字节数组,将无符号char *的密文保存为单独的文件。
The files contain data in �/���� format. I want to know the best method to save the key and iv programmatically which are a byte array to a file and the ciphertext which is a unsigned char* to a separate file.
推荐答案
密钥可以保存在单独的文件中。通常,该密钥预先在发送者/接收者之间建立,或者使用接收者的公共密钥进行加密。请注意,将密钥保存在密文旁边是没有意义的,因为它不会提供任何保护。密钥的处理称为密钥管理,有关整本书籍的内容,都已写过。
The key could be saved in a separate file. Normally the key is established between sender / receiver in advance, or it is encrypted using a public key of the receiver. Note that it doesn't make sense to save the key next to the ciphertext, as it would provide no protection whatsoever. The handling of keys is called key management and entire books have been written about it.
IV是另一种动物。 IV应该是随机生成的。对于CFB,它在两侧至少应该是唯一且相同的。通常,IV仅以密文作为前缀,因此不必保密。
The IV is a different animal. The IV should be randomly generated. For CFB it should at least be unique and identical at both sides. Usually the IV is simply prefixed to the ciphertext, it doesn't have to be kept secret.
这篇关于保存密钥和IV到文件AES实现Crypto ++的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
