Description of use of mbedtls and AES encryption method (original PolarSSL), mbedtlspolarssl
About PolarSSL
Mbed TLS(Previously calledPolarSSLIs the implementation of TLS and SSL protocols, and the corresponding encryption algorithm and support code are required. This is a dual license with Apache license version 2.0 (with GPLv2 license also available ). The goal of mbed TLS is "easy to understand, use, integration, and expansion"
The core SSL library is written in C programming language and implements the SSL module. It provides basic encryption functions and various practical functions. Unlike other implementations of OpenSSL and TLS, mbed TLS is designed to be suitable for small embedded devices. The minimum and complete TLS stack requires 60 kb of program space and 64 KB of RAM. It is also highly modular: each component, such as an encryption function, can be used independently of the rest of the framework. The version can also be used in Microsoft Windows and Linux. Because mbed TLS is written in C programming language and has no external dependency,
The later version of PolarSSL is later than 1.3.0. It adds an abstraction layer for Kernel allocation and threads to support better integration with existing embedded operating systems-machine translation. View the original Wikii
It is now called MbedTSL and the PolarSSL source code library, perhaps the most compact ssl code library. Efficient and easy to transplant and integrate. Especially suitable for embedded applications.
That is to say, whether it is embedded or desktop software edition programming, as long as you use encryption algorithms such as AES and RSA, you can directly take the source code and put it into your project for compilation management, you do not need to carry the DLL or install unnecessary libraries, and the algorithm is a standard library, so you know. And OpenSource.
Code reference
I used Google, Baidu, and ice for a long time. I didn't even find a document to add code. I don't know if this is too simple or not, anyway, I have spared a lot of circles in this place. Let's talk about the method below, so that later users don't have to work hard.
1. You can compile it statically and then reference it.
After the download is completed (I can't go to qiang On My Own ):Tls.Mbed. Org)
Extract
You will find the following:
OK. If the windows environment is compiled, you can directly use the "visualc" folder and a bunch of VC ++ project files. I don't want to talk about the rest. If VS201x is available, open F5 and compile *. lib file, the rest of the reference is to reference the content of the static library.
2. If you want to add these source codes to the project
Please refer to this
"Include" contains the library header file, and "library" contains the source file.
Library files are directly merged into your project folder
Header files need trouble: Open the -- copy the "mbedtls" folder and put it in your project file.
After
For
What you need to do is: Option -- attribute -- C ++? -- Add include directory -- add -- select the upper-level file of mbedtls
Why do we need a higher-level file, because the header file contains many such header file references: # include "mbedtls/config. h". If you do not reference it like this, it will do something.
Then, the connector -- add the library directory to enter
The rest of the work becomes simple, just use it.
There is a pitfall in the middle: When you use other people's aes & rsa Algorithms, there are some declarations, because the version will be invalid. At this time, you also need to use the following header file:
Compat-1.3.h
Here are some # define ******. If you don't need it, it will say you didn't declare it ???!!!
If the GCC compiler uses CodeBlocks, you need to set the header file directory, library file directory, and then use it. This library must be able to add your source code for compilation. You need to believe this.
3. About the Aes Algorithm
Because I only use the Aes algorithm, the general idea here is that we know that the Aes algorithm is a symmetric encryption algorithm in the following modes:
EBC: encrypt the data blocks in sequence without 8 or 16 blocks. If the data block is complete, add 0 if the data block is insufficient.
CBC: it is a loop mode in which the ciphertext of the previous group and the plaintext of the current group are differentiated or operated before encryption. This aims to increase the difficulty of cracking.
CFB/OFB is actually a feedback mode, with the goal of enhancing the difficulty of cracking
Reference: http://blog.csdn.net/aaaaatiger/article/details/2525561
If you only use EBC:
Open aes. h and you can see:
You only need to use this. However, you can only input and output 16 bits. That is to say, You need to divide the blocks by yourself. If you do not have enough, you can add 0 bits and 16 bits.
Process:
1. Declare this struct
Mbedtls_aes_context
2. initialize the struct.
Void mbedtls_aes_init (mbedtls_aes_context * ctx );
3. Set the encryption Key
Int mbedtls_aes_setkey_enc (mbedtls_aes_context * ctx, const unsigned char * key,
Unsigned int keybits );
4. Use this function for encryption. Remember to encrypt only 16 characters, including '\ 0', so you need to split the string.
Int mbedtls_aes_crypt_ecb (mbedtls_aes_context * ctx,
Int mode,
Const unsigned char input [16],
Unsigned char output [16]);
The process is this process. If you need this detailed information, you can view the aes. h. Although it is in English, the introduction is still detailed.
I have never used other models (I'm not afraid of it, hum !)
4. If you want to encrypt data for network transmission, remember this: base64.h
The base64 algorithm is available directly.
The focus of frames is very useful.
OK. First, let's see what we want to add.