C ++ AES加密比128位大的字符串 [英] C++ AES encrypt bigger string than 128bits

问题描述

AES的最大块大小为128，键大小如128,196& 256。

AES has maximum block size of 128, and key sizes like 128, 196 & 256.

我已经实现了aes算法，如下：

I have implemented the aes algorithm like so:

int main()
{
 unsigned char key[KEY_128] = "very strong key";
 unsigned char plaintext[16] = "this is a test";
 unsigned char ciphertext[16];
 unsigned char decptext[16];
 aes_ctx_t *ctx;
 virtualAES::Initialize();
 ctx = virtualAES::AllocateCTX(key, sizeof(key));
 virtualAES::Encrypt(ctx, plaintext, ciphertext);
 cout << "encrypted: " << ciphertext << endl;
 virtualAES::Encrypt(ctx, ciphertext, decptext);
 cout << "decrypted: " << decptext << endl;
 return 0;
}

但我想加密比128位大的数据，例如512位长。
如何实现？

but I want to encrypt larger data than 128bits, for example string that's 512 bits long. How to achieve?

推荐答案

我在其他地方发布了这个答案，但它也适用于这里， ：

I posted this answer elsewhere, but as it applies here as well, here you go:

我更熟悉C＃，它有通过System.Security.Cryptography命名空间暴露的几种加密模式。然而我知道密码块链接如何工作。我会向你解释，但是请记住这是很容易搞乱加密，所以这只是信息，我希望你会找到一个库，做你需要做的。

I am more familiar with C#, which has several modes of encryption exposed through the System.Security.Cryptography namespace. However I know how Cipher Block Chaining works. I'll explain it to you, but keep in mind it is really easy to mess up crypto, so this is informational only, and I hope you will find a library that does what you need done.

使用密码块链接（CBC）这里是你做的。获取您的数据并将其分解为块大小。 128位是16字节，所以你去。如果您在最后一个块中少于16个字节，则必须填充。我知道的最常见的方式是PKCS7填充，这意味着，例如，如果你需要3个字节填充在你的最后一个块的结尾，你会添加0x03，0x03，0x03使其成为一个完整的块。

With cipher block chaining (CBC) here is what you do. Take your data and break it into block sizes. 128 bits is 16 bytes, so there you go. If you have less than 16 bytes in your last block, you must pad. The commonest way I know of is PKCS7 padding, which means for example if you need 3 bytes of padding at the end of your last block, you would add 0x03, 0x03, 0x03 to make it a full block.

现在你已经准备好加密了。你应该有一个初始化向量（IV）开始。与您的第一块纯文本进行位异或运算。然后按照通常加密单个数据块的方式加密结果（ECB模式）。结果是你的第一个密码文本块。但它也等同于要加密的下一个块的IV。按位与第二块进行XOR并加密。取加密块，记录它，并使用它与第三块XOR。

So now you are ready to encrypt. You should have an initialization vector (IV) to start off with. Bitwise XOR that IV with your first block of plain text. Then encrypt the result the way you normally would encrypt a single block of data (ECB mode). The result is your first block of cipher text. But it is also equivalent to the IV for the next block you want to encrypt. Bitwise XOR it with the second block and encrypt. Take that encrypted block, record it, and also use it to XOR with the third block. And so on.

这个过程使得显示完全相同的文本，比如说在文档中出现5次，每次出现时都会完全不同。所以它增加了更多的安全性。尽管如此，IV不需要保密。密码和盐，IVs不。

This process makes it so that the exact same text appearing, let's say 5 times in a document will look totally different each time it appears. So it adds more security. Despite this, the IV does not need to be kept secret at all. Passwords and salts do, IVs do not.

这篇关于C ++ AES加密比128位大的字符串的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！