1# 使用AES对称密钥(GCM模式)分段加解密(ArkTS)
2
3
4对应的算法规格请查看[对称密钥加解密算法规格:AES](crypto-sym-encrypt-decrypt-spec.md#aes)。
5
6
7**加密**
8
9
101. 调用[cryptoFramework.createSymKeyGenerator](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatesymkeygenerator)、[SymKeyGenerator.generateSymKey](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#generatesymkey-1),生成密钥算法为AES、密钥长度为128位的对称密钥(SymKey)。
11
12   如何生成AES对称密钥,开发者可参考下文示例,并结合[对称密钥生成和转换规格:AES](crypto-sym-key-generation-conversion-spec.md#aes)和[随机生成对称密钥](crypto-generate-sym-key-randomly.md)理解,参考文档与当前示例可能存在入参差异,请在阅读时注意区分。
13
142. 调用[cryptoFramework.createCipher](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#cryptoframeworkcreatecipher),指定字符串参数'AES128|GCM|PKCS7',创建对称密钥类型为AES128、分组模式为GCM、填充模式为PKCS7的Cipher实例,用于完成加解密操作。
15
163. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为加密(CryptoMode.ENCRYPT_MODE),指定加密密钥(SymKey)和GCM模式对应的加密参数(GcmParamsSpec),初始化加密Cipher实例。
17
184. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(明文)。
19
20   - 当前单次update长度没有限制,开发者可以根据数据量判断如何调用update。
21   - 建议开发者对每次update的结果都判断是否为null,并在结果不为null时取出其中的数据进行拼接,形成完整的密文。因为在不同的规格下,update的结果可能会受到不同影响。
22
23      1)比如ECB和CBC模式,始终以分组作为基本单位来加密,并输出本次update产生的加密分组结果。即当本次update操作凑满一个分组就输出密文,没有凑满则此次update输出null,将未加密的数据与下次输入的数据拼接凑分组再输出。等到最后doFinal的时候,将未加密的数据,根据指定的填充模式进行填充,在输出剩余加密结果。解密过程中的update同理。
24
25      2)对于流加密模式(比如CTR和OFB模式),通常密文长度和明文长度相等。
26
275. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取加密后的数据。
28
29   - 由于已使用update传入数据,此处data传入null。
30   - doFinal输出结果可能为null,在访问具体数据前,需要先判断结果是否为null,避免产生异常。
31
326. 读取[GcmParamsSpec](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#gcmparamsspec).authTag作为解密的认证信息。
33
34   在GCM模式下,需要从加密后的数据中取出末尾16字节,作为解密时初始化的认证信息。示例中authTag恰好为16字节。
35
36
37**解密**
38
39
401. 调用[Cipher.init](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#init-1),设置模式为解密(CryptoMode.DECRYPT_MODE),指定解密密钥(SymKey)和GCM模式对应的解密参数(GcmParamsSpec),初始化解密Cipher实例。
41
422. 将一次传入数据量设置为20字节,多次调用[Cipher.update](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#update-1),更新数据(密文)。
43
443. 调用[Cipher.doFinal](../../reference/apis-crypto-architecture-kit/js-apis-cryptoFramework.md#dofinal-1),获取解密后的数据。
45
46
47- 异步方法示例:
48
49  ```ts
50  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
51  import { buffer } from '@kit.ArkTS';
52
53  function generateRandom(len: number) {
54    let rand = cryptoFramework.createRandom();
55    let generateRandSync = rand.generateRandomSync(len);
56    return generateRandSync;
57  }
58
59  function genGcmParamsSpec() {
60    let ivBlob = generateRandom(12);
61    let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes
62    let dataAad = new Uint8Array(arr);
63    let aadBlob: cryptoFramework.DataBlob = { data: dataAad };
64    arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes
65    let dataTag = new Uint8Array(arr);
66    let tagBlob: cryptoFramework.DataBlob = {
67      data: dataTag
68    }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption.
69    let gcmParamsSpec: cryptoFramework.GcmParamsSpec = {
70      iv: ivBlob,
71      aad: aadBlob,
72      authTag: tagBlob,
73      algName: "GcmParamsSpec"
74    };
75    return gcmParamsSpec;
76  }
77  let gcmParams = genGcmParamsSpec();
78  // 分段加密消息
79  async function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) {
80    let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7');
81    await cipher.init(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams);
82    let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求
83    let cipherText = new Uint8Array();
84    for (let i = 0; i < plainText.data.length; i += updateLength) {
85      let updateMessage = plainText.data.subarray(i, i + updateLength);
86      let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage };
87      // 分段update
88      let updateOutput = await cipher.update(updateMessageBlob);
89      // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式
90      // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)
91      let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length);
92      mergeText.set(cipherText);
93      mergeText.set(updateOutput.data, cipherText.length);
94      cipherText = mergeText;
95    }
96    gcmParams.authTag = await cipher.doFinal(null);
97    let cipherBlob: cryptoFramework.DataBlob = { data: cipherText };
98    return cipherBlob;
99  }
100  // 分段解密消息
101  async function decryptMessagePromise(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) {
102    let decoder = cryptoFramework.createCipher('AES128|GCM|PKCS7');
103    await decoder.init(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams);
104    let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求
105    let decryptText = new Uint8Array();
106    for (let i = 0; i < cipherText.data.length; i += updateLength) {
107      let updateMessage = cipherText.data.subarray(i, i + updateLength);
108      let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage };
109      // 分段update
110      let updateOutput = await decoder.update(updateMessageBlob);
111      // 把update的结果拼接起来,得到明文
112      let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length);
113      mergeText.set(decryptText);
114      mergeText.set(updateOutput.data, decryptText.length);
115      decryptText = mergeText;
116    }
117    let decryptData = await decoder.doFinal(null);
118    if (decryptData == null) {
119      console.info('GCM decrypt success, decryptData is null');
120    }
121    let decryptBlob: cryptoFramework.DataBlob = { data: decryptText };
122    return decryptBlob;
123  }
124  async function genSymKeyByData(symKeyData: Uint8Array) {
125    let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData };
126    let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128');
127    let symKey = await aesGenerator.convertKey(symKeyBlob);
128    console.info('convertKey success');
129    return symKey;
130  }
131  async function aes() {
132    let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]);
133    let symKey = await genSymKeyByData(keyData);
134    let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节
135    let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) };
136    let encryptText = await encryptMessageUpdateBySegment(symKey, plainText);
137    let decryptText = await decryptMessagePromise(symKey, encryptText);
138    if (plainText.data.toString() === decryptText.data.toString()) {
139      console.info('decrypt ok');
140      console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8'));
141    } else {
142      console.error('decrypt failed');
143    }
144  }
145  ```
146
147- 同步方法示例:
148
149  ```ts
150  import { cryptoFramework } from '@kit.CryptoArchitectureKit';
151  import { buffer } from '@kit.ArkTS';
152
153  function generateRandom(len: number) {
154    let rand = cryptoFramework.createRandom();
155    let generateRandSync = rand.generateRandomSync(len);
156    return generateRandSync;
157  }
158
159  function genGcmParamsSpec() {
160    let ivBlob = generateRandom(12);
161    let arr = [1, 2, 3, 4, 5, 6, 7, 8]; // 8 bytes
162    let dataAad = new Uint8Array(arr);
163    let aadBlob: cryptoFramework.DataBlob = { data: dataAad };
164    arr = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]; // 16 bytes
165    let dataTag = new Uint8Array(arr);
166    let tagBlob: cryptoFramework.DataBlob = {
167      data: dataTag
168    }; // The GCM authTag is obtained by doFinal() in encryption and passed in params of init() in decryption.
169    let gcmParamsSpec: cryptoFramework.GcmParamsSpec = {
170      iv: ivBlob,
171      aad: aadBlob,
172      authTag: tagBlob,
173      algName: "GcmParamsSpec"
174    };
175    return gcmParamsSpec;
176  }
177  let gcmParams = genGcmParamsSpec();
178  // 分段加密消息
179  function encryptMessageUpdateBySegment(symKey: cryptoFramework.SymKey, plainText: cryptoFramework.DataBlob) {
180    let cipher = cryptoFramework.createCipher('AES128|GCM|PKCS7');
181    cipher.initSync(cryptoFramework.CryptoMode.ENCRYPT_MODE, symKey, gcmParams);
182    let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求
183    let cipherText = new Uint8Array();
184    for (let i = 0; i < plainText.data.length; i += updateLength) {
185      let updateMessage = plainText.data.subarray(i, i + updateLength);
186      let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage };
187      // 分段update
188      let updateOutput = cipher.updateSync(updateMessageBlob);
189      // 把update的结果拼接起来,得到密文(有些情况下还需拼接doFinal的结果,这取决于分组模式
190      // 和填充模式,本例中GCM模式的doFinal结果只包含authTag而不含密文,所以不需要拼接)
191      let mergeText = new Uint8Array(cipherText.length + updateOutput.data.length);
192      mergeText.set(cipherText);
193      mergeText.set(updateOutput.data, cipherText.length);
194      cipherText = mergeText;
195    }
196    gcmParams.authTag = cipher.doFinalSync(null);
197    let cipherBlob: cryptoFramework.DataBlob = { data: cipherText };
198    return cipherBlob;
199  }
200  // 分段解密消息
201  function decryptMessage(symKey: cryptoFramework.SymKey, cipherText: cryptoFramework.DataBlob) {
202    let decoder = cryptoFramework.createCipher('AES128|GCM|PKCS7');
203    decoder.initSync(cryptoFramework.CryptoMode.DECRYPT_MODE, symKey, gcmParams);
204    let updateLength = 20; // 假设以20字节为单位进行分段update,实际并无要求
205    let decryptText = new Uint8Array();
206    for (let i = 0; i < cipherText.data.length; i += updateLength) {
207      let updateMessage = cipherText.data.subarray(i, i + updateLength);
208      let updateMessageBlob: cryptoFramework.DataBlob = { data: updateMessage };
209      // 分段update
210      let updateOutput = decoder.updateSync(updateMessageBlob);
211      // 把update的结果拼接起来,得到明文
212      let mergeText = new Uint8Array(decryptText.length + updateOutput.data.length);
213      mergeText.set(decryptText);
214      mergeText.set(updateOutput.data, decryptText.length);
215      decryptText = mergeText;
216    }
217    let decryptData = decoder.doFinalSync(null);
218    if (decryptData == null) {
219      console.info('GCM decrypt success, decryptData is null');
220    }
221    let decryptBlob: cryptoFramework.DataBlob = { data: decryptText };
222    return decryptBlob;
223  }
224  function genSymKeyByData(symKeyData: Uint8Array) {
225    let symKeyBlob: cryptoFramework.DataBlob = { data: symKeyData };
226    let aesGenerator = cryptoFramework.createSymKeyGenerator('AES128');
227    let symKey = aesGenerator.convertKeySync(symKeyBlob);
228    console.info('convertKeySync success');
229    return symKey;
230  }
231  function main() {
232    let keyData = new Uint8Array([83, 217, 231, 76, 28, 113, 23, 219, 250, 71, 209, 210, 205, 97, 32, 159]);
233    let symKey = genSymKeyByData(keyData);
234    let message = "aaaaa.....bbbbb.....ccccc.....ddddd.....eee"; // 假设信息总共43字节,根据utf-8解码后,也是43字节
235    let plainText: cryptoFramework.DataBlob = { data: new Uint8Array(buffer.from(message, 'utf-8').buffer) };
236    let encryptText = encryptMessageUpdateBySegment(symKey, plainText);
237    let decryptText = decryptMessage(symKey, encryptText);
238    if (plainText.data.toString() === decryptText.data.toString()) {
239      console.info('decrypt ok');
240      console.info('decrypt plainText: ' + buffer.from(decryptText.data).toString('utf-8'));
241    } else {
242      console.error('decrypt failed');
243    }
244  }
245
246  ```
247