为每个用户生成随机且不同的128位密钥的改进代码示例
当为每个用户生成随机且不同的128位密钥时,可以使用密码学库提供的随机数生成函数来生成密钥。以下是改进后的代码示例,其中使用Crypto++库的RandomNumberGenerator生成随机密钥:
#include <iostream>
#include <string>
#include <SQLiteCpp/SQLiteCpp.h>
#include <cryptopp/aes.h>
#include <cryptopp/modes.h>
#include <cryptopp/filters.h>
#include <cryptopp/osrng.h>
// 数据库文件路径
const std::string DATABASE_PATH = "users.db";
// 创建用户表
void createUsersTable(SQLite::Database& db) {
db.exec("CREATE TABLE IF NOT EXISTS users("
"id INTEGER PRIMARY KEY AUTOINCREMENT,"
"username TEXT UNIQUE,"
"password TEXT,"
"email TEXT,"
"aes_key TEXT"
")");
}
// 用户注册
void registerUser(SQLite::Database& db, const std::string& username, const std::string& password, const std::string& email) {
SQLite::Statement query(db, "INSERT INTO users (username, password, email, aes_key) VALUES (?, ?, ?, ?)");
// 生成随机AES密钥
CryptoPP::AutoSeededRandomPool rng;
byte aesKey[CryptoPP::AES::DEFAULT_KEYLENGTH];
rng.GenerateBlock(aesKey, sizeof(aesKey));
// 将密钥转换为十六进制字符串
std::string aesKeyHex;
CryptoPP::HexEncoder hexEncoder(new CryptoPP::StringSink(aesKeyHex));
hexEncoder.Put(aesKey, sizeof(aesKey));
hexEncoder.MessageEnd();
query.bind(1, username);
query.bind(2, password);
query.bind(3, email);
query.bind(4, aesKeyHex);
query.exec();
}
// 用户登录
boolean loginUser(SQLite::Database& db, const std::string& username, const std::string& password) {
SQLite::Statement query(db, "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?");
query.bind(1, username);
query.bind(2, password);
if (query.executeStep()) {
int count = query.getColumn(0).getInt();
return count > 0;
}
return false;
}
// AES加密
std::string AES_Encrypt(const std::string& plaintext, const std::string& key) {
std::string ciphertext;
CryptoPP::AES::Encryption aesEncryption((byte*)key.c_str(), CryptoPP::AES::DEFAULT_KEYLENGTH);
CryptoPP::ECB_Mode_ExternalCipher::Encryption encryption(aesEncryption);
CryptoPP::StringSink stringSink(ciphertext);
CryptoPP::StreamTransformationFilter encryptor(encryption, &stringSink);
encryptor.Put(reinterpret_cast<const byte*>(plaintext.c_str()), plaintext.length() + 1);
encryptor.MessageEnd();
return ciphertext;
}
// 主函数
int main() {
SQLite::Database db(DATABASE_PATH, SQLite::OPEN_READWRITE | SQLite::OPEN_CREATE);
// 创建用户表
createUsersTable(db);
// 用户注册
std::string username, password, email;
std::cout << "请输入用户名:";
std::cin >> username;
std::cout << "请输入密码:";
std::cin >> password;
std::cout << "请输入邮箱:";
std::cin >> email;
registerUser(db, username, password, email);
// 用户登录
std::string loginUsername, loginPassword;
std::cout << "请输入登录用户名:";
std::cin >> loginUsername;
std::cout << "请输入登录密码:";
std::cin >> loginPassword;
if (loginUser(db, loginUsername, loginPassword)) {
std::cout << "登录成功!" << std::endl;
// 获取用户的AES密钥
SQLite::Statement query(db, "SELECT aes_key FROM users WHERE username = ?");
query.bind(1, loginUsername);
if (query.executeStep()) {
std::string aesKeyHex = query.getColumn(0).getString();
// 将密钥从十六进制字符串转换回byte数组
std::string aesKey;
CryptoPP::HexDecoder hexDecoder(new CryptoPP::StringSink(aesKey));
hexDecoder.Put(reinterpret_cast<const byte*>(aesKeyHex.c_str()), aesKeyHex.length());
hexDecoder.MessageEnd();
// AES加密
std::string plaintext;
std::cout << "请输入要加密的明文:";
std::cin >> plaintext;
std::string encrypted = AES_Encrypt(plaintext, aesKey);
std::cout << "加密后的密文: " << encrypted << std::endl;
}
} else {
std::cout << "登录失败!" << std::endl;
}
return 0;
}
在用户注册过程中,我们通过Crypto++库的AutoSeededRandomPool生成一个随机的128位AES密钥,并将其转换为十六进制字符串后存储在数据库中。在用户登录后,从数据库中获取用户的AES密钥,并使用该密钥进行AES加密。
这个示例程序整合了用户注册、登录和AES加密功能,并为每个用户生成了随机且不同的128位密钥。请确保在编译和运行程序之前已正确安装和配置相关的库。
希望这个改进的示例代码对你有所帮助。如果你有更多问题,请随时提问!
原文地址: http://www.cveoy.top/t/topic/dgqS 著作权归作者所有。请勿转载和采集!