英创ARM系列工控主板都配有唯一指定MAC,客户使用过程中可以根据MAC地址生产加密字符串,存入KEY文件或是注册表内。然后在程序启动部分添加验证代码,验证这个字符串,从而达到防拷贝的目的。具体方法请参阅:《针对MAC地址的应用程序加密方法》。下文介绍一些常用的加密方法和实现代码。
简单加密算法
这些加密原理非常简单,并且可以由开发人员自由设计加密参数及复杂程度。通过重复多次,或是多种加密方式结合使用,可以达到非常不错的加密效果,完全能够满足一般需求。
1、码表替换
将需加密的每个字符或数字替换成另一个,设计这样一个替换规则表来。
如:
a->c
b->z
…
简单代码如下,可以自定义替换规则表
VOID Test1(BYTE* buf, int len, BYTE* key)
{
int i,j;
char tableA[10]={'a', 'b', 'c', 'd', 'e', 'f', '0', '1', '2', '3'};
char tableB[10]={'0', '1', '2', '3', 'a', 'b', 'c', 'd', 'e', 'f'};
int tablelen = 10;
memcpy(key, buf, len);
for(i=0; i<len; i++)
{
for(j=0; j<tablelen; j++)
{
if (buf[i] == tableA[j])
{
key[i] = tableB[j];
break;
}
}
}
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
Test1((BYTE*)codestr, strlen(codestr), key); //将codestr转成key,长度不变
2、取补码
对需加密的每个字节与自定的值取补,生产新的数据。
简单代码
VOID Test2(BYTE* buf, int len, BYTE* key) //取补码
{
int i;
char table[10]={"emtronix"};
int tablelen = 8;
for(i=0; i<len; i++)
{
key[i] = buf[i]^table[i%8];
}
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
Test2((BYTE*)codestr, strlen(codestr), key); //将codestr转成key,长度不变
3、移位处理
对需加密的每个字节交换高低位,或是整体左移或是右移自定义的位数。
简单代码,交换高低位
VOID Test3(BYTE* buf, int len, BYTE* key) //交换高低位
{
int i;
for(i=0; i<len; i++)
{
key[i] = ((buf[i]&0xf0)>>4)|((buf[i]&0x0f)<<4);
}
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
Test3((BYTE*)codestr, strlen(codestr), key); //将codestr转成key,长度不变
4、插入随机无效数据
通过大量原数据及加密后数据的观察,通过计算机暴力计算,也许有破解加密规则的可能性。那么在指定位置加入随机的无效的数据,再进行加密,可以大大增加破解的难度。
简单代码
VOID Test4(BYTE* buf, int len, BYTE* key) //增加无效数据
{
int i;
for(i=0; i<len; i++)
{
key[i*2] = buf[i];
key[i*2+1] = rand()&0xff;
}
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
Test4 ((BYTE*)codestr, strlen(codestr), key); //将codestr转成key,长度增加一倍
5、TEA加密
TEA(Tiny Encryption Algorithm)是一种极为简单的对称加密算法,运用比较普遍,它不是通过算法的复杂性来保证的,而是依赖加密的轮数来保证。这种算法采用一个128位的密钥来加密64位的数据明文,能产生一个64位的密文。具有较好的抗差分性能。
代码如下:
/**********************************************************
Input values: k[4] 128位密钥
v[2] 加密时位明文,解密时位密文
Output values: v[2] 加密时位密文,解密时位明文
**********************************************************/
void tea(DWORD *k, DWORD *v, long N ) //如果N为负值就是解密过程,相应的v就为密文,密钥k一共就有k[0]、k[1]、k[2]、k[3]四个元素
{
DWORD DELTA = 0x9e3779b9; /* sqr(5)-1 * 2^31 */
DWORD y=v[0], z=v[1]; //y为明文或密文高位,z为明文或密文低位
DWORD limit,sum=0; //sum为部分和
if(N>0) { /* 加密过程*/
limit=DELTA*N;
while(sum!=limit) { //注意:高位和地位交叉运算,利用sum操作的低两位进行密钥的部分选择
y+=((z<<4)^(z>>5)) + (z^sum) + k[sum&3];
sum+=DELTA;
z+=((y<<4)^(y>>5)) + (y^sum) + k[(sum>>11)&3];
}
} else { /* 解密过程,就是加密算法简单的反向运算*/
sum=DELTA*(-N);
while(sum) {
z-=((y<<4)^(y>>5)) + (y^sum) + k[(sum>>11)&3];
sum-=DELTA;
y-=((z<<4)^(z>>5)) + (z^sum) + k[sum&3];
}
}
v[0]=y; v[1]=z;
}
加密示例
DWORD k[4] = {5, 7, 100, 200}; //加密用的密钥,位,自由设定
DWORD v[2] = {45, 77}; //待加密的数据,位
tea(k, v, 32); //加密32轮,操作后v数组已经变化
tea(k, v, -32); //解密32轮(负数表示解密),解密后v变回原来的{45, 77}
常见加密算法
有一些公开的,著名的加密算法,在很多地方都有应用。比如MD5、哈希加密、RSA及DES加密。这里简单介绍下MD5的加密方法。
MD5加密
MD5被广泛应用在认证应用中,它的好处在于对任何一段数据都能加密成一段唯一对应的KEY。并且即使公布算法,在得知KEY的情况下也无法逆推出原数据。
MD5加密算法可以参考网上资料http://baike.baidu.com/view/7636.htm,生成32位MD5的代码如下。
#include "StdAfx.h"
typedef struct {
unsigned int state[4];
unsigned int count[2];
unsigned char buffer[64];
} MD5Context;
void MD5_Init(MD5Context * context);
void MD5_Update(MD5Context * context, unsigned char * buf, int len);
void MD5_Final(MD5Context * context, unsigned char digest[16]);
#define S11 7
#define S12 12
#define S13 17
#define S14 22
#define S21 5
#define S22 9
#define S23 14
#define S24 20
#define S31 4
#define S32 11
#define S33 16
#define S34 23
#define S41 6
#define S42 10
#define S43 15
#define S44 21
static unsigned char PADDING[64] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};
#define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
#define H(x, y, z) ((x) ^ (y) ^ (z))
#define I(x, y, z) ((y) ^ ((x) | (~z)))
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
#define FF(a, b, c, d, x, s, ac) \
{ \
(a) += F((b), (c), (d)) + (x) + (unsigned int)(ac); \
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
#define GG(a, b, c, d, x, s, ac) \
{ \
(a) += G((b), (c), (d)) + (x) + (unsigned int)(ac); \
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
#define HH(a, b, c, d, x, s, ac) \
{ \
(a) += H((b), (c), (d)) + (x) + (unsigned int)(ac); \
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
#define II(a, b, c, d, x, s, ac) \
{ \
(a) += I((b), (c), (d)) + (x) + (unsigned int)(ac); \
(a) = ROTATE_LEFT((a), (s)); \
(a) += (b); \
}
static void MD5_Encode(unsigned char * output, unsigned int * input, int len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
output[j] = (unsigned char) (input[i] & 0xff);
output[j + 1] = (unsigned char) ((input[i] >> 8) & 0xff);
output[j + 2] = (unsigned char) ((input[i] >> 16) & 0xff);
output[j + 3] = (unsigned char) ((input[i] >> 24) & 0xff);
}
}
static void MD5_Decode(unsigned int * output, unsigned char * input, int len)
{
unsigned int i, j;
for (i = 0, j = 0; j < len; i++, j += 4)
{
output[i] = ((unsigned int) input[j]) |
(((unsigned int) input[j + 1]) << 8) |
(((unsigned int) input[j + 2]) << 16) |
(((unsigned int) input[j + 3]) << 24);
}
}
static void MD5_Transform(unsigned int state[4], unsigned char block[64])
{
unsigned int a = state[0], b = state[1], c = state[2], d = state[3], x[16];
MD5_Decode(x, block, 64);
/* Round 1 */
FF(a, b, c, d, x[0], S11, 0xd76aa478); /* 1 */
FF(d, a, b, c, x[1], S12, 0xe8c7b756); /* 2 */
FF(c, d, a, b, x[2], S13, 0x242070db); /* 3 */
FF(b, c, d, a, x[3], S14, 0xc1bdceee); /* 4 */
FF(a, b, c, d, x[4], S11, 0xf57c0faf); /* 5 */
FF(d, a, b, c, x[5], S12, 0x4787c62a); /* 6 */
FF(c, d, a, b, x[6], S13, 0xa8304613); /* 7 */
FF(b, c, d, a, x[7], S14, 0xfd469501); /* 8 */
FF(a, b, c, d, x[8], S11, 0x698098d8); /* 9 */
FF(d, a, b, c, x[9], S12, 0x8b44f7af); /* 10 */
FF(c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */
FF(b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */
FF(a, b, c, d, x[12], S11, 0x6b901122); /* 13 */
FF(d, a, b, c, x[13], S12, 0xfd987193); /* 14 */
FF(c, d, a, b, x[14], S13, 0xa679438e); /* 15 */
FF(b, c, d, a, x[15], S14, 0x49b40821); /* 16 */
/* Round 2 */
GG(a, b, c, d, x[1], S21, 0xf61e2562); /* 17 */
GG(d, a, b, c, x[6], S22, 0xc040b340); /* 18 */
GG(c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */
GG(b, c, d, a, x[0], S24, 0xe9b6c7aa); /* 20 */
GG(a, b, c, d, x[5], S21, 0xd62f105d); /* 21 */
GG(d, a, b, c, x[10], S22, 0x2441453); /* 22 */
GG(c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */
GG(b, c, d, a, x[4], S24, 0xe7d3fbc8); /* 24 */
GG(a, b, c, d, x[9], S21, 0x21e1cde6); /* 25 */
GG(d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */
GG(c, d, a, b, x[3], S23, 0xf4d50d87); /* 27 */
GG(b, c, d, a, x[8], S24, 0x455a14ed); /* 28 */
GG(a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */
GG(d, a, b, c, x[2], S22, 0xfcefa3f8); /* 30 */
GG(c, d, a, b, x[7], S23, 0x676f02d9); /* 31 */
GG(b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */
/* Round 3 */
HH(a, b, c, d, x[5], S31, 0xfffa3942); /* 33 */
HH(d, a, b, c, x[8], S32, 0x8771f681); /* 34 */
HH(c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */
HH(b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */
HH(a, b, c, d, x[1], S31, 0xa4beea44); /* 37 */
HH(d, a, b, c, x[4], S32, 0x4bdecfa9); /* 38 */
HH(c, d, a, b, x[7], S33, 0xf6bb4b60); /* 39 */
HH(b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */
HH(a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */
HH(d, a, b, c, x[0], S32, 0xeaa127fa); /* 42 */
HH(c, d, a, b, x[3], S33, 0xd4ef3085); /* 43 */
HH(b, c, d, a, x[6], S34, 0x4881d05); /* 44 */
HH(a, b, c, d, x[9], S31, 0xd9d4d039); /* 45 */
HH(d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */
HH(c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */
HH(b, c, d, a, x[2], S34, 0xc4ac5665); /* 48 */
/* Round 4 */
II(a, b, c, d, x[0], S41, 0xf4292244); /* 49 */
II(d, a, b, c, x[7], S42, 0x432aff97); /* 50 */
II(c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */
II(b, c, d, a, x[5], S44, 0xfc93a039); /* 52 */
II(a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */
II(d, a, b, c, x[3], S42, 0x8f0ccc92); /* 54 */
II(c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */
II(b, c, d, a, x[1], S44, 0x85845dd1); /* 56 */
II(a, b, c, d, x[8], S41, 0x6fa87e4f); /* 57 */
II(d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */
II(c, d, a, b, x[6], S43, 0xa3014314); /* 59 */
II(b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */
II(a, b, c, d, x[4], S41, 0xf7537e82); /* 61 */
II(d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */
II(c, d, a, b, x[2], S43, 0x2ad7d2bb); /* 63 */
II(b, c, d, a, x[9], S44, 0xeb86d391); /* 64 */
state[0] += a;
state[1] += b;
state[2] += c;
state[3] += d;
memset((char *) x, 0, sizeof(x));
}
void MD5_Init(MD5Context * context)
{
context->count[0] = context->count[1] = 0;
context->state[0] = 0x67452301;
context->state[1] = 0xefcdab89;
context->state[2] = 0x98badcfe;
context->state[3] = 0x10325476;
}
void MD5_Update(MD5Context * context, unsigned char * buf, int len)
{
unsigned int i, index, partLen;
index = (unsigned int) ((context->count[0] >> 3) & 0x3F);
if ((context->count[0] += ((unsigned int) len << 3)) < ((unsigned int) len << 3))
context->count[1]++;
context->count[1] += ((unsigned int) len >> 29);
partLen = 64 - index;
if (len >= partLen)
{
memcpy((char *) &context->buffer[index], (char *) buf, partLen);
MD5_Transform(context->state, context->buffer);
for (i = partLen; i + 63 < len; i += 64)
MD5_Transform(context->state, &buf[i]);
index = 0;
}
else
{
i = 0;
}
memcpy((char *) &context->buffer[index], (char *) &buf[i], len - i);
}
void MD5_Final(MD5Context * context, unsigned char digest[16])
{
unsigned char bits[8];
unsigned int index, padLen;
MD5_Encode(bits, context->count, 8);
index = (unsigned int) ((context->count[0] >> 3) & 0x3f);
padLen = (index < 56) ? (56 - index) : (120 - index);
MD5_Update(context, PADDING, padLen);
MD5_Update(context, bits, 8);
MD5_Encode(digest, context->state, 16);
memset((char *) context, 0, sizeof(*context));
}
void GetMD5Code(BYTE* pBuf, int nSize, char pCode[34])
{
MD5Context context;
unsigned char buff[16];
MD5_Init(&context);
MD5_Update(&context, pBuf, nSize);
MD5_Final(&context, buff);
for(int j = 0;j < 16; j++){
sprintf(pCode + j * 2, "%x", (buff[j] & 0xF0)>>4);
sprintf(pCode + j * 2 + 1, "%x", buff[j] & 0x0F);
}
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
GetMD5Code(codestr, len, (char*)key);
以字符串"emtronix"为例,加密后key = "17f402d9a6251aff2302c01a035d05f4",可以利用网上工具验证是正确的。
哈希加密
哈希加密是用安全散列算法对字符串进行的一种加密。哈希加密有很多种,这里简单介绍一种SHA-256加密,它能将任何字符串加密成256bit的密码,即8个32bit的整形来存储,因为1个整形用16进制的字符串来表示需要8字节,即一共64字节。
#include "StdAfx.h"
#define SHA256_ROTL(a,b) (((a>>(32-b))&(0x7fffffff>>(31-b)))|(a<<b))
#define SHA256_SR(a,b) ((a>>b)&(0x7fffffff>>(b-1)))
#define SHA256_Ch(x,y,z) ((x&y)^((~x)&z))
#define SHA256_Maj(x,y,z) ((x&y)^(x&z)^(y&z))
#define SHA256_E0(x) (SHA256_ROTL(x,30)^SHA256_ROTL(x,19)^SHA256_ROTL(x,10))
#define SHA256_E1(x) (SHA256_ROTL(x,26)^SHA256_ROTL(x,21)^SHA256_ROTL(x,7))
#define SHA256_O0(x) (SHA256_ROTL(x,25)^SHA256_ROTL(x,14)^SHA256_SR(x,3))
#define SHA256_O1(x) (SHA256_ROTL(x,15)^SHA256_ROTL(x,13)^SHA256_SR(x,10))
void StrSHA256(const char* str, long long length, char* sha256)
{
char *pp, *ppend;
long l, i, W[64], T1, T2, A, B, C, D, E, F, G, H, H0, H1, H2, H3, H4, H5, H6, H7;
H0 = 0x6a09e667, H1 = 0xbb67ae85, H2 = 0x3c6ef372, H3 = 0xa54ff53a;
H4 = 0x510e527f, H5 = 0x9b05688c, H6 = 0x1f83d9ab, H7 = 0x5be0cd19;
long K[64] = {
0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2,
};
l = length + ((length % 64 > 56) ? (128 - length % 64) : (64 - length % 64));
if (!(pp = (char*)malloc((unsigned long)l))) return;
for (i = 0; i < length; pp[i + 3 - 2 * (i % 4)] = str[i], i++);
for (pp[i + 3 - 2 * (i % 4)] = 128, i++; i < l; pp[i + 3 - 2 * (i % 4)] = 0, i++);
*((long*)(pp + l - 4)) = length << 3;
*((long*)(pp + l - 8)) = length >> 29;
for (ppend = pp + l; pp < ppend; pp += 64){
for (i = 0; i < 16; W[i] = ((long*)pp)[i], i++);
for (i = 16; i < 64; W[i] = (SHA256_O1(W[i - 2]) + W[i - 7] + SHA256_O0(W[i - 15]) + W[i - 16]), i++);
A = H0, B = H1, C = H2, D = H3, E = H4, F = H5, G = H6, H = H7;
for (i = 0; i < 64; i++){
T1 = H + SHA256_E1(E) + SHA256_Ch(E, F, G) + K[i] + W[i];
T2 = SHA256_E0(A) + SHA256_Maj(A, B, C);
H = G, G = F, F = E, E = D + T1, D = C, C = B, B = A, A = T1 + T2;
}
H0 += A, H1 += B, H2 += C, H3 += D, H4 += E, H5 += F, H6 += G, H7 += H;
}
free(pp - l);
sprintf(sha256, "%08X%08X%08X%08X%08X%08X%08X%08X", H0, H1, H2, H3, H4, H5, H6, H7);
return;
}
调用方法:
传入需要加密的字符串codestr,及加密字符串长度,及生成KEY的BUFFER指针,加密函数执行完毕后将KEY存入该BUFFER中。
StrSHA256 (codestr, len, (char*)key);
如需要本文相关测试程序,可以联系英创工程师。
相关阅读:针对MAC地址的应用程序加密方法
成都英创信息技术有限公司 028-8618 0660