时间戳

首页 > 解决方案 > 如何在 Android NDK c++ 上执行 ASE-256-CBC 加密和解密?

android - 如何在 Android NDK c++ 上执行 ASE-256-CBC 加密和解密?

问题描述

我想在 Android NDK c++ 上执行 AES-256-CBC 加密和解密。我对它很陌生。我有从各种输入中获得的加密数据,需要对其进行解密。而且我想防止在解密时暴露加密密钥和一些额外的扭曲。因为android apk可以很容易地反编译。我试图通过将 libcrypto.a 和 libssl.a 添加到 ndk 来将 OPENSSL 添加到 NDK,但它说找不到 AES_cbc_encrypt。

这是我的 CMakeLists.txt


cmake_minimum_required(VERSION 3.10.2)

# Declares and names the project.

project("myapplication")

add_library( # Sets the name of the library.
             native-lib

             # Sets the library as a shared library.
             SHARED

             # Provides a relative path to your source file(s).
             native-lib.cpp )

find_library( # Sets the name of the path variable.
              log-lib

              # Specifies the name of the NDK library that
              # you want CMake to locate.
              log )


target_link_libraries( # Specifies the target library.
                       native-lib

                       # Links the target library to the log library
                       # included in the NDK.
                       ${log-lib} )

如果有人对如何完成这项工作有任何想法。那我真的很感激。谢谢

标签: androidc++encryptionandroid-ndkaes

解决方案

如果您使用C,请看mbedtls这里。我还将这个库用于我的 android 应用程序。

https://github.com/ARMmbed/mbedtls

  1. mbedtls-development.zip从此链接下载https://github.com/ARMmbed/mbedtls或单击此链接:https ://github.com/ARMmbed/mbedtls/archive/refs/heads/development.zip
  2. 在您的驱动器中提取mbedtls-development.zip,然后*.c files\mbedtls-development\library\文件夹复制到您的 android\app\src\main\cpp\mbedtls\*.c 并将*.h文件从\mbedtls-development\include\mbedtls\文件夹复制到您的 android\app\src\main\cpp\mbedtls\*.h
  3. 将所有文件从 重命名*.c*.cpp
  4. 如下更新您CMakeList.txt的。
  5. 看看这里如何使用 AES CBC:https ://tls.mbed.org/kb/how-to/encrypt-with-aes-cbc

例子:

本机 lib.cpp

#include "../../../mbedtls/config.h"
#include "../../../mbedtls/aes.h"

void encWithAes() {
    
        
    // keys 32 bytes
    unsigned char key[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                           0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                           0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                           0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};

    // initial vector 16 bytes
    unsigned char iv[] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
                          0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};


    unsigned char input [] = {0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08};
    unsigned char output[128];
        

    mbedtls_aes_context aes;
    mbedtls_aes_init(&aes);
    mbedtls_aes_setkey_enc(&aes, key, 256);
    
    // this is cbc encrypted with key 32 bytes and initial vector 16 bytes
    mbedtls_aes_crypt_cbc(&aes, MBEDTLS_AES_ENCRYPT, 16, iv, input, output);        

}

CMakeList.txt

cmake_minimum_required(VERSION 3.4.1)

option(USE_SHARED_MBEDTLS_LIBRARY "Build mbed TLS shared library." ON)

set(
        src_mbedtls
        mbedtls/aes.cpp
        #mbedtls/aesni.cpp
        #mbedtls/arc4.cpp
        #mbedtls/aria.cpp
        #mbedtls/asn1parse.cpp
        #mbedtls/asn1write.cpp
        #mbedtls/base64.cpp
        #mbedtls/bignum.cpp
        #mbedtls/blowfish.cpp
        #mbedtls/camellia.cpp
        #mbedtls/ccm.cpp
        #mbedtls/chacha20.cpp
        #mbedtls/chachapoly.cpp
        #mbedtls/cipher.cpp
        #mbedtls/cipher_wrap.cpp
        #mbedtls/cmac.cpp
        #mbedtls/ctr_drbg.cpp
        #mbedtls/des.cpp
        #mbedtls/dhm.cpp
        #mbedtls/ecdh.cpp
        #mbedtls/ecdsa.cpp
        #mbedtls/ecjpake.cpp
        #mbedtls/ecp.cpp
        #mbedtls/ecp_curves.cpp
        #mbedtls/entropy.cpp
        #mbedtls/entropy_poll.cpp
        mbedtls/error.cpp
        #mbedtls/gcm.cpp
        #mbedtls/havege.cpp
        #mbedtls/hkdf.cpp
        #mbedtls/hmac_drbg.cpp
        #mbedtls/md.cpp
        #mbedtls/md2.cpp
        #mbedtls/md4.cpp
        #mbedtls/md5.cpp
        #mbedtls/md_wrap.cpp
        #mbedtls/memory_buffer_alloc.cpp
        #mbedtls/nist_kw.cpp
        #mbedtls/oid.cpp
        #mbedtls/padlock.cpp
        #mbedtls/pem.cpp
        #mbedtls/pk.cpp
        #mbedtls/pk_wrap.cpp
        #mbedtls/pkcs12.cpp
        #mbedtls/pkcs5.cpp
        #mbedtls/pkparse.cpp
        #mbedtls/pkwrite.cpp
        mbedtls/platform.cpp
        mbedtls/platform_util.cpp
        #mbedtls/poly1305.cpp
        #mbedtls/ripemd160.cpp
        #mbedtls/rsa.cpp
        #mbedtls/rsa_internal.cpp
        #mbedtls/sha1.cpp
        #mbedtls/sha256.cpp
        #mbedtls/sha512.cpp
        #mbedtls/threading.cpp
        #mbedtls/timing.cpp
        #mbedtls/version.cpp
        #mbedtls/version_features.cpp
        #mbedtls/xtea.cpp
        #mbedtls/certs.cpp
        #mbedtls/pkcs11.cpp
        #mbedtls/x509.cpp
        #mbedtls/x509_create.cpp
        #mbedtls/x509_crl.cpp
        #mbedtls/x509_crt.cpp
        #mbedtls/x509_csr.cpp
        #mbedtls/x509write_crt.cpp
        #mbedtls/x509write_csr.cpp
        #mbedtls/debug.cpp
        #mbedtls/net_sockets.cpp
        #mbedtls/ssl_cache.cpp
        #mbedtls/ssl_ciphersuites.cpp
        #mbedtls/ssl_cli.cpp
        #mbedtls/ssl_cookie.cpp
        #mbedtls/ssl_srv.cpp
        #mbedtls/ssl_ticket.cpp
        #mbedtls/ssl_tls.cpp
)
set(
        src_native-lib
        native-lib.cpp  
)
#
add_library(            # mbedtls
        mbedtls         #   sets the name of the library.
        SHARED          #   sets the library as a shared library.
        ${src_mbedtls}  #   provides a relative path to your source file(s).
        )
add_library(
        native-lib  
        SHARED
        ${src_native-lib}
        mbedtls
)
#
find_library(
        log-lib          # Sets the name of the path variable.
        log              # Specifies the name of the NDK library that you want CMake to locate.
)
#
target_link_libraries(   # mbedtls
        mbedtls          #  Specifies the target library.
        ${log-lib}       #  Links the target library to the log library included in the NDK.
        )
target_link_libraries(
        native-lib       
        mbedtls
        ${log-lib}
)

推荐阅读