1# Encryption and Decryption with an SM4 Symmetric Key (ECB Mode) (C/C++) 2 3 4For details about the algorithm specifications, see [SM4](crypto-sym-encrypt-decrypt-spec.md#sm4). 5 6## Adding the Dynamic Library in the CMake Script 7```txt 8 target_link_libraries(entry PUBLIC libohcrypto.so) 9``` 10 11**Encryption** 12 13 141. Use [OH_CryptoSymKeyGenerator_Create](../../reference/apis-crypto-architecture-kit/_crypto_sym_key_api.md#oh_cryptosymkeygenerator_create) and [OH_CryptoSymKeyGenerator_Generate](../../reference/apis-crypto-architecture-kit/_crypto_sym_key_api.md#oh_cryptosymkeygenerator_generate) to generate a 128-bit SM4 symmetric key (**OH_CryptoSymKey**). 15 16 In addition to the example in this topic, [SM4](crypto-sym-key-generation-conversion-spec.md#sm4) and [Randomly Generating a Symmetric Key](crypto-generate-sym-key-randomly-ndk.md) may help you better understand how to generate an SM4 symmetric key. Note that the input parameters in the reference documents may be different from those in the example below. 17 182. Use [OH_CryptoSymCipher_Create](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_create) with the string parameter **'SM4_128|ECB|PKCS7'** to create a **Cipher** instance. The key type is **SM4_128**, block cipher mode is **ECB**, and the padding mode is **PKCS7**. 19 203. Use [OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_ENCRYPT_MODE**, and specify the key for encryption (**OH_CryptoSymKey**). 21 22 When ECB mode is used, pass in **null** in **params**. 23 244. Use [OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_update) to update the data (plaintext) to be encrypted. 25 26 - If a small amount of data is to be encrypted, you can use **OH_CryptoSymCipher_Final()** immediately after **OH_CryptoSymCipher_Init()**. 27 - If a large amount of data is to be encrypted, you can call **OH_CryptoSymCipher_Update()** multiple times to pass in the data by segment. 28 295. Use [OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_final) to generate the ciphertext. 30 31 - If data has been passed in by **OH_CryptoSymCipher_Update()**, pass in **null** in the **data** parameter of **OH_CryptoSymCipher_Final**. 32 - The output of **OH_CryptoSymCipher_Final** may be **null**. To avoid exceptions, always check whether the result is **null** before accessing specific data. 33 346. Use [OH_CryptoSymKeyGenerator_Destroy](../../reference/apis-crypto-architecture-kit/_crypto_sym_key_api.md#oh_cryptosymkeygenerator_destroy), [OH_CryptoSymCipher_Destroy](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_destroy), and [OH_CryptoSymCipherParams_Destroy](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipherparams_destroy) to destroy the instances created. 35 36 37**Decryption** 38 39 401. Use [OH_CryptoSymCipher_Init](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_init) to initialize the **Cipher** instance. Specifically, set **mode** to **CRYPTO_DECRYPT_MODE**, and specify the key for decryption (**OH_CryptoSymKey**). When ECB mode is used, pass in **null** in **params**. 41 422. Use [OH_CryptoSymCipher_Update](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_update) to update the data (ciphertext) to be decrypted. 43 443. Use [OH_CryptoSymCipher_Final](../../reference/apis-crypto-architecture-kit/_crypto_sym_cipher_api.md#oh_cryptosymcipher_final) to generate the plaintext. 45 46 47**Example** 48 49```c++ 50#include "CryptoArchitectureKit/crypto_common.h" 51#include "CryptoArchitectureKit/crypto/crypto_sym_cipher.h" 52#include <string.h> 53 54static OH_Crypto_ErrCode doTestSm4Ecb() { 55 OH_CryptoSymKeyGenerator *genCtx = nullptr; 56 OH_CryptoSymCipher *encCtx = nullptr; 57 OH_CryptoSymCipher *decCtx = nullptr; 58 OH_CryptoSymKey *keyCtx = nullptr; 59 OH_CryptoSymCipherParams *params = nullptr; 60 char *plainText = const_cast<char *>("this is test!"); 61 Crypto_DataBlob input = {.data = (uint8_t *)(plainText), .len = strlen(plainText)}; 62 Crypto_DataBlob outUpdate = {.data = nullptr, .len = 0}; 63 Crypto_DataBlob decUpdate = {.data = nullptr, .len = 0}; 64 65 // Generate a symmetric key randomly. 66 OH_Crypto_ErrCode ret; 67 ret = OH_CryptoSymKeyGenerator_Create("SM4_128", &genCtx); 68 if (ret != CRYPTO_SUCCESS) { 69 goto end; 70 } 71 ret = OH_CryptoSymKeyGenerator_Generate(genCtx, &keyCtx); 72 if (ret != CRYPTO_SUCCESS) { 73 goto end; 74 } 75 // Create a parameter instance. 76 ret = OH_CryptoSymCipherParams_Create(¶ms); 77 if (ret != CRYPTO_SUCCESS) { 78 goto end; 79 } 80 81 // Encrypt data. 82 ret = OH_CryptoSymCipher_Create("SM4_128|ECB|PKCS7", &encCtx); 83 if (ret != CRYPTO_SUCCESS) { 84 goto end; 85 } 86 ret = OH_CryptoSymCipher_Init(encCtx, CRYPTO_ENCRYPT_MODE, keyCtx, params); 87 if (ret != CRYPTO_SUCCESS) { 88 goto end; 89 } 90 ret = OH_CryptoSymCipher_Final(encCtx, &input, &outUpdate); 91 if (ret != CRYPTO_SUCCESS) { 92 goto end; 93 } 94 95 // Decrypt data. 96 ret = OH_CryptoSymCipher_Create("SM4_128|ECB|PKCS7", &decCtx); 97 if (ret != CRYPTO_SUCCESS) { 98 goto end; 99 } 100 ret = OH_CryptoSymCipher_Init(decCtx, CRYPTO_DECRYPT_MODE, keyCtx, params); 101 if (ret != CRYPTO_SUCCESS) { 102 goto end; 103 } 104 ret = OH_CryptoSymCipher_Final(decCtx, &outUpdate, &decUpdate); 105 if (ret != CRYPTO_SUCCESS) { 106 goto end; 107 } 108 // Release resources. 109end: 110 OH_CryptoSymCipherParams_Destroy(params); 111 OH_CryptoSymCipher_Destroy(encCtx); 112 OH_CryptoSymCipher_Destroy(decCtx); 113 OH_CryptoSymKeyGenerator_Destroy(genCtx); 114 OH_CryptoSymKey_Destroy(keyCtx); 115 OH_Crypto_FreeDataBlob(&outUpdate); 116 OH_Crypto_FreeDataBlob(&decUpdate); 117 return ret; 118} 119``` 120