#include "stm32f10x.h" #include "mbedtls_util.h" #include #include "mbedtls/sha1.h" #include "mbedtls/sha256.h" #include "mbedtls/aes.h" #include "mbedtls/cipher.h" #include "mbedtls/base64.h" #include "sys.h" #include #include "AT.h" #define KEY_IOPAD_SIZE 64 #define SHA1_DIGEST_SIZE 20 #define SHA256_DIGEST_SIZE 32 #define AES_LEN_SIZE 256 #define AES_BLOCK_SIZE 16 //unsigned char buffer[AES_LEN_SIZE*2]={0}; static char plaintextdata[AES_LEN_SIZE]= {0}; /** * 填充源码,返回填充后的数据长度 */ //static int fillAESPKCS7Data(char* data) //{ // int left= 0; // int len = strlen(data); // if(len%AES_BLOCK_SIZE != 0) // { // left = AES_BLOCK_SIZE-strlen(data)%AES_BLOCK_SIZE; // // } // else // { // left = AES_BLOCK_SIZE; // } // memset(data+strlen(data),left,left); // len+=left; // return len; //} static int fillAESPKCS7DataWithLength(uint8_t * data, uint16_t data_length) { int left= 0; int len = data_length; if(len%AES_BLOCK_SIZE != 0) { left = AES_BLOCK_SIZE - data_length%AES_BLOCK_SIZE; } else { left = AES_BLOCK_SIZE; } memset(data + data_length, left, left); len += left; return len; } /** * 去除源码无效数据 */ static void cutAESPKCS7Data(char* data) { int i= 0; int size = strlen(data); for(i=size-1;data[i]>0&&data[i] KEY_IOPAD_SIZE) { return; } //hmac sha1加密处理 mbedtls_sha1_context context; unsigned char k_ipad[KEY_IOPAD_SIZE]; /* inner padding - key XORd with ipad */ unsigned char k_opad[KEY_IOPAD_SIZE]; /* outer padding - key XORd with opad */ unsigned char out[SHA1_DIGEST_SIZE]; int i; /* start out by storing key in pads */ memset(k_ipad, 0, sizeof(k_ipad)); memset(k_opad, 0, sizeof(k_opad)); memcpy(k_ipad, key, key_len); memcpy(k_opad, key, key_len); /* XOR key with ipad and opad values */ for (i = 0; i < KEY_IOPAD_SIZE; i++) { k_ipad[i] ^= 0x36; k_opad[i] ^= 0x5c; } /* perform inner MD5 */ mbedtls_sha1_init(&context); /* init context for 1st pass */ mbedtls_sha1_starts(&context); /* setup context for 1st pass */ mbedtls_sha1_update(&context, k_ipad, KEY_IOPAD_SIZE); /* start with inner pad */ mbedtls_sha1_update(&context, (unsigned char *) msg, msg_len); /* then text of datagram */ mbedtls_sha1_finish(&context, out); /* finish up 1st pass */ /* perform outer MD5 */ mbedtls_sha1_init(&context); /* init context for 2nd pass */ mbedtls_sha1_starts(&context); /* setup context for 2nd pass */ mbedtls_sha1_update(&context, k_opad, KEY_IOPAD_SIZE); /* start with outer pad */ mbedtls_sha1_update(&context, out, SHA1_DIGEST_SIZE); /* then results of 1st hash */ mbedtls_sha1_finish(&context, out); /* finish up 2nd pass */ //加密后的数据16进制输出 byteToHexStr(out,digest,SHA1_DIGEST_SIZE); mbedtls_sha1_free(&context); } //static char testhexdata[512] ={0}; void utils_sha256(const char *msg, int msg_len, char * digest) { //hmac sha1加密处理 mbedtls_sha256_context context; // memset(testhexdata, 0, sizeof(testhexdata)); /* perform inner MD5 */ mbedtls_sha256_init(&context); /* init context for 1st pass */ mbedtls_sha256_starts(&context,0); /* setup context for 1st pass */ mbedtls_sha256_update(&context, (unsigned char *) msg, msg_len); /* then text of datagram */ mbedtls_sha256_finish(&context, (unsigned char *) digest); /* finish up 1st pass */ mbedtls_sha256_free(&context); // byteToHexStr((const unsigned char *)digest,testhexdata, strlen((char * )digest)); // Log_Printf_Debug("数据报文msg:%s,%d\r\n", msg,msg_len); // Log_Printf_Debug("数据报文digest:%s\r\n", testhexdata); } //void utils_sha256_str(const char *msg, int msg_len, char *digest) //{ // //hmac sha1加密处理 // //mbedtls_sha256_context context; // unsigned char out[SHA256_DIGEST_SIZE]; // // utils_sha256(msg,msg_len, (char * )out); // // //加密后的数据16进制输出 // byteToHexStr(out,digest,SHA256_DIGEST_SIZE); // //} /** *AES CBC加密 , plaintext:源数据,ciphertext:加密数据, 返回加密长度 */ char iv_use[16] = {0}; //int utils_aes128_cbc_enc(uint8_t * aes_key, char *iv, char *plaintext, char *ciphertext) //{ // // memset(testhexdata, 0, sizeof(testhexdata)); // byteToHexStr((const unsigned char *)aes_key,testhexdata, 16); // Log_Printf_Debug("数据报文aes_key:%s,iv:%s\r\n", testhexdata,iv); // memset(testhexdata, 0, sizeof(testhexdata)); // memset(plaintextdata, 0, sizeof(plaintextdata)); // mbedtls_aes_context aes_ctx; // if(strlen(plaintext)+16 > AES_LEN_SIZE) return 0; // memset(iv_use,0,sizeof(iv_use)); // memcpy(iv_use,iv,16); // memcpy(plaintextdata,(const char *)plaintext,strlen(plaintext)); // byteToHexStr((const unsigned char *)plaintextdata,testhexdata, strlen((char * )plaintextdata)); // Log_Printf_Debug("数据报文加密数据plaintextdata:%s\r\n", testhexdata); //// int len = fillAESPKCS7Data(plaintextdata); // int len = fillAESPKCS7DataWithLength((uint8_t *)plaintextdata, strlen((char * )plaintextdata)); // memset(testhexdata, 0, sizeof(testhexdata)); // byteToHexStr((const unsigned char *)plaintextdata,testhexdata, len); // Log_Printf_Debug("数据报文加密数据填充后plaintextdata:%s\r\n", testhexdata); // // mbedtls_aes_init(&aes_ctx); // //setkey_dec // mbedtls_aes_setkey_enc(&aes_ctx, aes_key, 128); // mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, len, (unsigned char * )iv_use, (unsigned char * )plaintextdata, (unsigned char * )ciphertext); // byteToHexStr((const unsigned char *)ciphertext,testhexdata, len); // Log_Printf_Debug("数据报文加密数据后ciphertext:%s,ciphertext:%d,testhexdata:%d,len2:%d\r\n", testhexdata,strlen((char * )ciphertext),strlen(testhexdata),len); // // // mbedtls_aes_free(&aes_ctx); // return len; //OK //} int utils_aes128_cbc_enc_with_length(uint8_t *aes_key, char *iv, uint8_t * plaintext, uint16_t plaintext_length, uint8_t * ciphertext) { memset(plaintextdata, 0, sizeof(plaintextdata)); mbedtls_aes_context aes_ctx; if(plaintext_length + 16 > AES_LEN_SIZE) return -1; memset(iv_use,0,sizeof(iv_use)); memcpy(iv_use,iv,16); memcpy(plaintextdata, (const char *)plaintext, plaintext_length); int len = fillAESPKCS7DataWithLength((uint8_t *)plaintextdata, plaintext_length); mbedtls_aes_init(&aes_ctx); //setkey_dec mbedtls_aes_setkey_enc(&aes_ctx, (unsigned char * )aes_key, 128); mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_ENCRYPT, len, (unsigned char * )iv_use, (unsigned char * )plaintextdata, (unsigned char * )ciphertext); mbedtls_aes_free(&aes_ctx); return len; //OK } /** *AES ECB加密 , src:源数据,dataLen:数据长度,ciphertext:加密数据, 返回加密长度 */ int utils_aes128_ECB_base64_enc_with_length(char *aes_key, uint8_t * plaintext) { int times=0; memset(plaintextdata, 0, sizeof(plaintextdata)); mbedtls_aes_context aes_ctx; if(strlen((const char *)plaintext) + 16 > AES_LEN_SIZE) return -1; memcpy(plaintextdata, plaintext, strlen((const char *)plaintext)); int len = fillAESPKCS7DataWithLength((uint8_t *)plaintextdata, strlen((const char *)plaintext)); mbedtls_aes_init(&aes_ctx); //setkey_dec mbedtls_aes_setkey_enc(&aes_ctx, (unsigned char * )aes_key, 128); while(times*AES_BLOCK_SIZE AES_LEN_SIZE) return -1; memcpy(plaintextdata, plaintext, strlen((const char *)plaintext)); mbedtls_aes_init(&aes_ctx); //setkey_dec mbedtls_aes_setkey_dec(&aes_ctx, (unsigned char * )aes_key, 128); while(times*AES_BLOCK_SIZEAES_LEN_SIZE) return 0; memcpy(iv_use,iv,16); mbedtls_aes_init(&aes_ctx); //setkey_dec mbedtls_aes_setkey_dec(&aes_ctx, aes_key, 128); mbedtls_aes_crypt_cbc(&aes_ctx, MBEDTLS_AES_DECRYPT, len, (unsigned char * )iv_use, (unsigned char * )ciphertext, (unsigned char * )plaintext); cutAESPKCS7Data((char *)plaintext); mbedtls_aes_free(&aes_ctx); return strlen(plaintext); //OK } ///** //*AES CBC加密 , src:源数据,dataLen:数据长度,ciphertext:加密数据, 返回加密长度 //*/ //int utils_aes128_cbc_base64_enc(char *aes_key, char *iv, uint8_t *src,int dataLen, char *ciphertext) //{ // size_t len; // // memset(buffer, 0, sizeof(buffer)); // if(dataLen+16 > AES_LEN_SIZE) return 0; // // int ret = mbedtls_base64_encode( buffer, sizeof( buffer ), &len, src, dataLen ); // printf("base64_encode:%s\r\n",buffer); // if(ret) // { // printf("base64 encode err:%d",ret); // return 0; // } // return utils_aes128_cbc_enc(aes_key,iv,(char * )buffer,ciphertext); // //} ///** //*AES CBC解密 ciphertext:加密数据, len:加密数据长度,plaintext:解密到的数据 //*/ //int utils_aes128_cbc_base64_dec(char *aes_key, char *iv, char *ciphertext, int dataLen, char *plaintext,int plainLen) //{ // size_t len = 0; // memset(buffer, '\0', sizeof(buffer)); // int retlen = utils_aes128_cbc_dec(aes_key,iv,ciphertext,dataLen,(char * )buffer); // if(retlen) // { // printf("base64_encode2:%s\r\n",buffer); // int ret = mbedtls_base64_decode((unsigned char * )plaintext, plainLen, &len, buffer, retlen); // if(ret) // { // printf("base64 decode err:%d,%d",ret,retlen); // len = 0; // } // } // return len; //}