1# 使用AES对称密钥(CBC模式)加解密(ArkTS)
2
3
4对应的算法规格请查看[对称密钥加解密算法规格:AES](crypto-sym-encrypt-decrypt-spec.md#aes)。
5
6
7**加密**
8
9
101. 调用[cryptoFramework.createSymKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesymkeygenerator)、[SymKeyGenerator.generateSymKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesymkey-1),生成密钥算法为AES、密钥长度为128位的对称密钥(SymKey)。
11
12   如何生成AES对称密钥,开发者可参考下文示例,并结合[对称密钥生成和转换规格:AES](crypto-sym-key-generation-conversion-spec.md#aes)和[随机生成对称密钥](crypto-generate-sym-key-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。
13
142. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'AES128|CBC|PKCS7',创建对称密钥类型为AES128、分组模式为CBC、填充模式为PKCS7的Cipher实例,用于完成加解密操作。
15
163. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为加密(CryptoMode.ENCRYPT_MODE),指定加密密钥(SymKey)和CBC模式对应的加密参数(IvParamsSpec),初始化加密Cipher实例。
17
184. 加密内容较短时,可以不调用update,直接调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取加密后的数据。
19
20
21**解密**
22
23
241. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为解密(CryptoMode.DECRYPT_MODE),指定解密密钥(SymKey)和CBC模式对应的解密参数(IvParamsSpec),初始化解密Cipher实例。
25
262. 解密内容较短时,可以不调用update,直接调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取解密后的数据。
27
28
29- 异步方法示例:
30
31  ```ts
32  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
33  import { buffer } from '@kit.ArkTS';
34
35  function generateRandom(len: number) {
36    let rand = cryptoFramework.createRandom();
37    let generateRandSync = rand.generateRandomSync(len);
38    return generateRandSync;
39  }
40
41  function genIvParamsSpec() {
42    let ivBlob = generateRandom(16);
43    let ivParamsSpec: cryptoFramework.IvParamsSpec = {
44      algName: "IvParamsSpec",
45      iv: ivBlob
46    };
47    return ivParamsSpec;
48  }
49  let iv = genIvParamsSpec();
50  // 加密消息
51  async function encryptMessagePromise(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) {
52    let cipher = cryptoFramework.createCipher('AES128|CBC|PKCS7');
53    await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, iv);
54    let cipherData = await cipher.doFinal(plainText);
55    return cipherData;
56  }
57  // 解密消息
58  async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) {
59    let decoder = cryptoFramework.createCipher('AES128|CBC|PKCS7');
60    await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, iv);
61    let decryptData = await decoder.doFinal(cipherText);
62    return decryptData;
63  }
64
65  async function genSymKeyByData(symKeyData: Uint8Array) {
66    let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData };
67    let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128');
68    let symKey = await aesGenerator.convertKey(symKeyBlob);
69    console.info('convertKey success');
70    return symKey;
71  }
72
73  async function aesCBC() {
74    try {
75      let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]);
76      let symKey = await genSymKeyByData(keyData);
77      let message = "This is a test";
78      let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) };
79      let encryptText = await encryptMessagePromise(symKey, plainText);
80      let decryptText = await decryptMessagePromise(symKey, encryptText);
81      if (plainText.data.toString() === decryptText.data.toString()) {
82        console.info('decrypt ok');
83        console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8'));
84      } else {
85        console.error('decrypt failed');
86      }
87    } catch (error) {
88      console.error(`AES CBC “${error}“, error code: ${error.code}`);
89    }
90  }
91  ```
92
93- 同步方法示例:
94
95  ```ts
96  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
97  import { buffer } from '@kit.ArkTS';
98
99  function generateRandom(len: number) {
100    let rand = cryptoFramework.createRandom();
101    let generateRandSync = rand.generateRandomSync(len);
102    return generateRandSync;
103  }
104
105  function genIvParamsSpec() {
106    let ivBlob = generateRandom(16);
107    let ivParamsSpec: cryptoFramework.IvParamsSpec = {
108      algName: "IvParamsSpec",
109      iv: ivBlob
110    };
111    return ivParamsSpec;
112  }
113  let iv = genIvParamsSpec();
114  // 加密消息
115  function encryptMessage(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) {
116    let cipher = cryptoFramework.createCipher('AES128|CBC|PKCS7');
117    cipher.initSync(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, iv);
118    let cipherData = cipher.doFinalSync(plainText);
119    return cipherData;
120  }
121  // 解密消息
122  function decryptMessage(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) {
123    let decoder = cryptoFramework.createCipher('AES128|CBC|PKCS7');
124    decoder.initSync(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, iv);
125    let decryptData = decoder.doFinalSync(cipherText);
126    return decryptData;
127  }
128
129  function genSymKeyByData(symKeyData: Uint8Array) {
130    let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData };
131    let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128');
132    let symKey = aesGenerator.convertKeySync(symKeyBlob);
133    console.info('convertKeySync success');
134    return symKey;
135  }
136
137  function main() {
138    try {
139      let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]);
140      let symKey = genSymKeyByData(keyData);
141      let message = "This is a test";
142      let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) };
143      let encryptText = encryptMessage(symKey, plainText);
144      let decryptText = decryptMessage(symKey, encryptText);
145      if (plainText.data.toString() === decryptText.data.toString()) {
146        console.info('decrypt ok');
147        console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8'));
148      } else {
149        console.error('decrypt failed');
150      }
151    } catch (error) {
152      console.error(`AES CBC “${error}“, error code: ${error.code}`);
153    }
154  }
155  ```