CN1372192A - Universal safety encipher interface - Google Patents

Universal safety encipher interface Download PDF

Info

Publication number
CN1372192A
CN1372192A CN 02113551 CN02113551A CN1372192A CN 1372192 A CN1372192 A CN 1372192A CN 02113551 CN02113551 CN 02113551 CN 02113551 A CN02113551 A CN 02113551A CN 1372192 A CN1372192 A CN 1372192A
Authority
CN
China
Prior art keywords
function
interface
chini
key
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 02113551
Other languages
Chinese (zh)
Inventor
张建军
李成斌
蒋洪志
刘鸿力
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SANLINGSHENG-AN INFORMATION SYSTEM Co Ltd CHENGDU CITY
Original Assignee
SANLINGSHENG-AN INFORMATION SYSTEM Co Ltd CHENGDU CITY
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SANLINGSHENG-AN INFORMATION SYSTEM Co Ltd CHENGDU CITY filed Critical SANLINGSHENG-AN INFORMATION SYSTEM Co Ltd CHENGDU CITY
Priority to CN 02113551 priority Critical patent/CN1372192A/en
Publication of CN1372192A publication Critical patent/CN1372192A/en
Pending legal-status Critical Current

Links

Landscapes

  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

A nvoel aniversal safety ciphering interface simplifies various safety interfaces to the upper level applying program and makes the relevant canon to the lower level of ciphering algorithm module to satisfy the safe real-time interactive communication, safe store and forward, communication and local information data and files to be safety stored. to help the producers of applied softwares concentrate to developing applying system without over considering algorithm to change algorithm without modifying the applying programs. The same thing will happen to the algorithm producers.

Description

A kind of universal safety encipher interface
The present invention is a kind of universal safety encipher interface of computer security applications.
In today of scientific and technical develop rapidly, computing machine extensively applies to politics, economical, military, scientific research, culture, education, every field such as commerce and industrial and agricultural production, since it be have easy to use, many advantages such as forwarding information and information memory capacity be big quickly, therefore quite be subjected to common people's favor, but under the environment that fierceness is striven unexpectedly, people very worry with the Secure Application of communicating by letter the storage of secret information between the computing machine, therefore use the safety information product of cryptographic algorithm just to arise at the historic moment, but present safety information product is when using cryptographic algorithm, tie the cryptographic algorithm of upper level applications and lower floor more dead, change cryptographic algorithm if desired, must revise source code, recompilate and carry out.The manufacturer of production application program often will spend a lot of time and energy in the realization of cryptographic algorithm, and the manufacturer of production cryptographic algorithm spends a lot of time and energy again on upper level applications, and is at present domestic also not to the corresponding standard of interface between upper level applications and the lower floor's cryptographic algorithm.
The objective of the invention is the interface standard of standard upper level applications and lower floor's cryptographic algorithm, upper level applications has been simplified various safe interfaces, lower floor's algoritic module has been made corresponding standard.Can accomplish under the situation of not revising source code, dynamically, replace the cryptographic algorithm of Secure Application easily.
Method of the present invention adopts a kind of universal safety encipher interface as shown in Figure 1, and upper level applications 1 and lower floor's cryptographic algorithm (soft, hardware algorithm module 6 and driver 7) are combined, and forms an integral body.
The concrete implementation step of the present invention is as follows:
1, design upper level applications: this interface 2 is used in application program 1 exploitation, the application programming interface that provides in " Chini-appl.h " that needs to provide according to a kind of universal safety encipher interface 2, " chini_typee.h " header file, at first call function Chini_start could locate to call corresponding interface function 5 in needs encryption and decryption etc. then and also will call Chini-end at last.
2, design enciphering algorithm module: according to providing the dynamic base of cryptographic algorithm realization to the regulation of algoritic module interface function 5 standards, the manufacturer of production algoritic module in a kind of universal safety encipher interface standard, it provides unified interface function to a kind of universal safety encipher interface.
3, combination upper level applications 1 and lower floor's enciphering algorithm module 6: application program 1 must configure configuration file 4 with configuration file management order 3 by the Libaspi storehouse that a kind of universal safety encipher interface 2 provides, loading algorithm module 6 that could be correct forms an integral body like this.Configuration file 4 is placed on appointed positions, enciphering algorithm module 6 is put under the default path "/Chini/Security/algmod/ ", and the class name that the good application program of proper configuration is used in configuration file 4 and the library name of enciphering algorithm module.
4, by above-mentioned operation, the Secure Application of a perfect in shape and function has just produced, and the user can use according to the common using method of upper level applications and get final product.
5, when needs are changed enciphering algorithm module 6, application program earlier out of service, revise the library name of the new enciphering algorithm module that configuration file 4 changes the library name of the enciphering algorithm module of the class name of application program correspondence then, then new algoritic module dynamic base is placed on appointed positions, restart application program, at this moment operated with regard to using new cryptographic algorithm to carry out enciphering/deciphering etc.
Interface function 5 of the present invention comprises that upper layer application function interface and lower floor's enciphering algorithm module function interface and two header files " Chini-appl.h " reach " Chini_types.h ".The upper layer application function interface (5-01~5-12).Lower floor's enciphering algorithm module function interface (5-13~5-22) as follows:
Cipher key data structure ALGKEY: all key parameters of application call api function all are the pointers of this structure.
typedef struct algkey_st{ unsigned char*key; Key pointer int key_type; Key Tpe int key_len; Key length } ALGKEY; 
The upper layer application interface function
5-01. initialization Chini Sec Interface function
Prototype
int?chini_start(Tokenstruct**token,char*classname,char*instname);
Parameter
Token cryptographic operation sign
Classname calls the type name of application
Instname calls the Instance Name of application
Remarks
From the algorithm configuration file, obtain with this and use corresponding algorithms library, and load corresponding arithmetic module, return a token according to the Instance Name of the type name of using, application.When quoting other API, should provide corresponding token.
5-02. encryption and decryption function
Prototype
int?chini_enc(Tokenstruct*token,void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*workey,void*IV,int?EncMode,int?EncType);
Parameter
Token cryptographic operation sign
PDatIn imports data
PDataInLen imports data length
The pDataOut output data, the application program internal memory, as follows
PDataOutLen output data length is returned by algoritic module, and is as follows
Workey working key structure comprises key, key length, Key Tpe (1 expression has only a kind of key length, and 2 expressions have two kinds of key lengths, and 3 expressions have three kinds of key lengths)
The IV initial vector, its length is identical with block length.
The EncMode operator scheme
1:???ECB
2:???CBC
3:???OFB
4:???CFB
EncType encrypt/decrypt type selecting
1: encrypt
0: deciphering
Remarks
The encrypt/decrypt function, call function _ enc in the algoritic module (pDataIn, pDataInLen, pDataOut, pDataOutLen, workey, IV EncMode, EncType).
5-03. hash function
Prototype
int?chini_hash(Tokenstruct*token,void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*HashIv);
Parameter
Token cryptographic operation sign
PDataIn imports data
PDataInLen imports data length
The pDataOut output data
PDataOutLen output data length
HashIv hash initial vector
Remarks
Hash function, call function _ hash in the algoritic module (pDataIn, pDataInLen, pDataOut, pDataOutLen, HashIv).
5-04. ask the check code function
Prototype
int?chini_mac(Tokenstruct*token,void*pDataIn,int?pDataInLen,void*pDataOut,init*pDataOutLen,void*MacKey);
Parameter
Token cryptographic operation sign
PDataIn imports data
PDataInLen imports data length
The pDataOut output data
PDataOutLen output data length
MacKey verification function key structure
Remarks
The calculation check sign indicating number, call function _ mac in the algoritic module (pDataIn, pDataInLen, pDataOut, pDataOutLen, MacKey).
5-05. signature function
Prototype
int?chini_sign(Tokenstruct*token,void*Message,int?MLen,void*SignData,int*SignDataLen,void*Seckey);
Parameter
Token cryptographic operation sign
The message that Message need sign
The length of MLen message
The SignData result data of signing
SignDataLen signed data length
The private cipher key of Seckey signer
Remarks
Do digital signature, call function _ sign in the algoritic module (Message, MLen, SignData, SignDataLen, Seckey).
5-06. certifying signature function
Prototype
int?chini_verify(Tokenstruct*token,void*Message,int?MLen,void*SignData,intSignLen,void*Pubkey);
Parameter
Token cryptographic operation sign
Message needs the message of certifying signature
The length of MLen message
The public-key cryptography of Pubkey signer
The SignData signed data
SignDataLen signed data length
Remarks
Digital signature is verified, call function _ verify in the algoritic module (Message, MLen, SignData, SignDataLen, Pubkey).
5-07. random number functions
Prototype
int?chini_rand(Tokenstruct*token,void*RandNum,int?RandLen);
Parameter
Token cryptographic operation sign
The random number that RandNum produces
RandLen random number length (byte)
Remarks
Random number functions.Call function _ gerrand in the algoritic module (RandNum, RandLen)
5-08. obtain the working key function
Prototype
int?chini_getworkkey(TokenStruct*token,void*workkey,int*keylen,void*iv,int*ivlen,int?flag)
Parameter
Token cryptographic operation sign
The workkey working key
Keylen working key length
The iv initialization vector
Ivlen initialization vector length
Flag encryption and decryption sign
Remarks
Obtain the working key function, comprise initialization vector, call the function in the algoritic module:
int_getworkkey(void*workkey,int*keylen,void*iv,int*ivlen,int?flag)
5-09. public key encryption function
Prototype
int?chini_publicenc(TokenStruct*token,void*pDataIn,int?pDataInLen,
void*pDataOut,int*pDataOutLen,void*publickey)
Parameter
Token cryptographic operation sign
PDataIn imports data
PDataInLen imports data length
The pDataOut output data, the application program internal memory, as follows
PDataOutLen output data length is returned by algoritic module, and is as follows
The publickey PKI
Remarks
The public key encryption function, call the function in the algoritic module:
int_publicenc(void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*publickey)
5-10. private key decryption function
Prototype
int?chini_privatedec(TokenStruct*token,void*pDataIn,int?pDataInLen,
void*pDataOut,int*pDataOutLen,void*privatekey)
Parameter
Token cryptographic operation sign
PDataIn imports data
PDataInLen imports data length
The pDataOut output data
PDataOutLen output data length
The privatekey private key
Remarks
The private key decryption function, call the function in the algoritic module:
int_privatedec(void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*privatekey)
5-11. the attribute function of algoritic module
Prototype
int?chini_algatt(Tokenstruct*token,AttID*AttStruct);
Parameter
Token cryptographic operation sign
The attribute of AttStruct algoritic module
The attribute of algoritic module comprises: module title, module release number, manufacturer, the symmetry algorithm number of examining, the key length tabulation of symmetry algorithm support, the asymmetric arithmetic number of examining, asymmetric arithmetic are supported key length tabulation, the number of examining of Hash function, Hash function initialization vector length, MAC initialization vector length.
The attribute structure of algoritic module specifically describes as follows:
Key length list data structure ALG_TBL: because some cryptographic algorithm has several key lengths, so designed this key length list structure, it is a linked list data structure.
typedef struct alg_tbl{ int byte_len; Key length struct alg_tbl*next; ALG TBL :
Algorithm information data structure ALG_INFO: comprise grouping algorithm, public key algorithm, HASH, MAC.
tvpedef struct alg_st{ char * alg_name; Algorithm name char * alg_serial; The algorithm number of examining int key_type; 3 three kinds of key lengths of 2 two kinds of key lengths of 1 one kinds of key lengths of Key Tpe value implication, 4 arbitrary key length int block_byte_len; Grouping algorithm block length (or HASH value length, MAC value length) ALG_TBL key; The cipher key list structure } ALG_INFO; 
Algoritic module attribute data structures AttID
typedef struct attid_st{ char * module_name; Algoritic module name char * module_ver; The char * module_maker of algoritic module version number; Algoritic module manufacturer ALG_INFO block_alg; Grouping algorithm ALG_INFO pk_alg; Public key algorithm ALG_INFO hash; HASH algorithm ALG_INFO mac; The MAC algorithm<!--SIPO<dP n="8">--<dp n="d8"/>AttID; 
Remarks
The attribute function of algoritic module can obtain this algoritic module for information about.Call the function _ algatt (AttStruct) in the algoritic module.
5-12. close Chini SecAPI function
Prototype
int?chini_end(Tokenstruct*token);
Parameter
Token cryptographic operation sign
Remarks
Close Chini SecAPI function, releasing memory.
Lower floor's enciphering algorithm module function interface
These interface functions are all called by the respective function among the API, and its meaning of parameters is identical with function among the API.The name of interface function all is that all the same function call successes all return 0 in each algoritic module with parameter type, and other rreturn value all is to call to make mistakes.
5-13.enc(void*Message,int?MsgLen,void*Output,int*OutputLen,
void*Workey,void*IV,int?EncMode,int?EncType)
This function is finished the enciphering/deciphering computing of the various modes of operation of block cipher.Decide to do according to the value of parameter EncType and to encrypt still deciphering, generate and encrypt or the deciphering sub-key, and then according to the value selection operation mode of parameter EncMode.
5-14.verify(void*Message,int?MsgLen,void*Signature,int?SignatureLen,void*Key)
This function is finished the checking computing of public key algorithm, comprises the hash operations to message (Message), with key K ey decrypted signature value Signature, the result in relatively above two steps, and identical then returning very, otherwise return improper value.
5-15._sign(void*Message,int?MsgLen,void*Signature,int*SignatureLen,void*Key)
This function is finished the signature computing of public key algorithm, comprises the hash operations to message (Message), with key K ey keyed hash result.
5-16._hash(void*Message,int?MsgLen,void*Hash,int*HashLen,void*HashIv)
This function is finished hash operations, obtains hashed value.
5-17._mac(void*Message,int?MsgLen,void*Output,int*OutputLen,void*MacIv)
The check code of this function calculation message.
5-18._algatt(AttId*AttStruct)
This function call provides the attribute of this algoritic module.
5-19._gerrand(void*Rand,int?RandLen)
This function call produces random number.
5-20._getworkkey(void*workkey,int*keylen,void*iv,int*ivlen,int?flag)
This function is finished working key and initialization vector required when obtaining symmetrical encryption and decryption.Value decision according to parameter f lag obtains encrypting or deciphering required working key and initialization vector.
5-21._publicenc(void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*publickey)
This function is finished the public key encryption computing of public key algorithm (asymmetric cryptographic algorithm).Use the PKI of input that the data of input are carried out asymmetric encryption.
5-22._privatedec(void*pDataIn,int?pDataInLen,void*pDataOut,int*pDataOutLen,void*privatekey)
This function is finished the private key decrypt operation of public key algorithm (asymmetric cryptographic algorithm).Use private key that the input data of crossing with public key encryption are carried out asymmetric deciphering.
Illustrate:
" _ algatt () " must provide in each algoritic module in the above interface function, and other interface function is optionally, is not that each algoritic module all must provide whole interface function functions.
Fig. 1, a rare universal safety encipher interface functional framework figure.
1, application program; 2, a kind of universal safety encipher interface (API); 3, configuration file management order; 4, configuration file; 5, function interface; 6, soft, hardware algorithm module; 7, driver.
The present invention is a kind of method of writing information security software.It is formed by one group of dynamic base, configuration file with to a series of codes and standards of the various safe interfaces of upper layer application and enciphering algorithm module, therefore also will be along with development according to application and development, standard.Because this is a kind of method, a kind of codes and standards are not so be dependent on specific operating system and specific programming language.Can realize with multiple programming language, as: BASIC, PASCAL, FORTRAN, COBOL etc., applicable to several operation systems, interface specification, UNIX, WINDOWSNT, WINDOWS2000 of user's space and core space etc. are provided as: LINUX, situation at present realization reality, all make example with the C language in our relevant documentation, WINDOWS operating system is as operating system platform.
Now lift an example explanation:
The design upper application software
In this example, provide a simple demonstration program, this program is a little graphical application program of writing with C++Builder.
For simplicity, only explanation is done in the source code design of symmetrical encryption and decryption part here.
1, symmetric cryptography part of original code
... in_len=Edit1->GetTextLen (); In_len++; Edit1->GetTextBuf (enc_in, in_len); // this part code has obtained the number of importing that will encryptAccording to length Size=Edit4->GetTextLen (); Size++; Edit4->GetTextBuf (wkey, Size); // this part code has obtained encryption key and the length importedDegree for (i=Size; I<32; I++) wkey[i]=0xbb; Key.key=wkey; Key.key_type=1; Key.key_len=16; // this part code is with the encryption key that obtains, and the work that converts requirement to is closeKey version if (chini_start (﹠amp; Token, DEMO_CLASS, DEMO_INSTANCE)) // initializing universal adds<!--SIPO<dP n="11">--<dp n="d11"/>Connect airtight mouthful Application->MessageBox (" initialization failure ", " encryption ", MB_OK); Return; If (chini_enc (token, enc.in, in_len, enc_out , ﹠amp; Out_len , ﹠amp; Key, iv, CHINI_CBC, CHINI_ENC)) // cryptographic operation { Application->MessageBox (" encrypting wrong ", " encryption ", MB_OK); Return; Chini_end (token); // close general encipher interface enc_out[out_len]=0; Edit2->Text=(char*) enc_out; // demonstration encrypted result Edit3->Text=NULL: ... 
2. symmetrical decryption portion source code
... Size=Edit4->GetTextLen (); Size++; Edit4->GetTextBuf (wkey, Size); If (Size<32) ' for (i=Size; I<32; I++) wkey[i]=Oxbb; Key.key=wkey; Key.key_type=1; Key.key_len=16; // this part with decruption key change into the working key version of requirement<!--SIPO<dP n="12">--<dp n="d12"/>If (chini_start (﹠amp; Token, DEMO ' _ CLASS, DEMO_INSTANCE)) // the initializing universal encipher interface { Application->MessageBox (" initialization failure ", " deciphering ", MB_OK); Return:} if (chini_enc (token, enc.out.out_len, dec_out , ﹠amp; In_len , ﹠amp; Key, iv, CHINI_CBC, CHINI_DEC)) // decryption oprerations { Application->MessageBox (" decryption error ", " deciphering ", MB_OK); Edit3->Text=0 return; } ' chini_end (token); // close general encipher interface Edit3->Text=(char*) dec_out; // demonstration decrypted result; 
The design of lower floor's enciphering algorithm module
Two enciphering algorithm modules are provided in this example, are respectively twofish.dll (having realized the twofish cryptographic algorithm) and aes.dll (having realized the AES cryptographic algorithm), and they all are the dynamic base of making of VC++.
For simplicity, only explanation is done in the symmetrical encryption and decryption realization source code design partly of aes algorithm module here.
1, AES enciphering/deciphering function interface _ enc () realizes part of original code:
int_enc (void*pDataIn, int pDataInLen, void*pDataOut, int*pDataOutLen, void*workey, void*IV, int EncMode, int EncType) { ALGKEY*wkey=workey; Int loop, ij, lastlen; Short end; U4byte myIV[4], * tmp=NULL; U4byte*pIV=(u4byte*) IV;<!--SIPO<dP n="13">--<dp n="d13"/>For (i=0; I<4; I++) myIV[i]=pIV[i]; Switch (EncMode) case 1: //ECB, this encryption mode is not realized { printf (" ECB is used. "); Set_key ((u4byte*) wkey->key, (u4byte) wkey->key_len*8); Switch (EncType) { case 1:{ } case 0:{ } } return (1); Case 2: //CBC, to realization { set_key ((u4byte*) wkey->key of this encryption mode; (u4byte) wkey->key_len*8); Switch (EncType) case 1: //ENC, the realization of cryptographic operation { u4byte*pOut=(u4byte*) pDataOut;<!--SIPO<dP n="14">--<dp n="d14"/>BYTE*p=(BYTE*) malloc (pDataInLen+16); If (! P) return-1; Memcpy (p, pDataIn, pDataInLen); Printf (" nNow CBC-ENC is tarting ... n "); Lastlen=pDataInLen%16; End=16-lastlen; For (i=0; I<=end-1; I++) * (p+pDataInLen+i)=end; Loop=(pDataInLen+end)/16 is filled in // grouping; Tmp=(u4byte*) p; For (i=0; I<loop; I++) { for (j=0; J<=3; J++) tmp[j] ^=(* (myIV+j)); // XOR } and encrypt (tmp, pOut); // call AES encryption function for (j=0; J<4; J++) myIV[j]=pOut[j]; POut+=4; Tmp+=4; * pDataOutLen=pDataInLen+end; Free (p); Return 0; Case 0: //DEC, the realization of decryption oprerations,<!--SIPO<dP n="15">--<dp n="d15"/>U4byte * pOut=(u4byte*) pDataOut; If (pDataInLen%16) return-1; Printf (" nNow CBC-DEC is starting ... n "); Loop=pDataInLen/16; Tmp=(u4byte*) pDataIn; For (i=0; I<loop; I++) { decrypt (tmp, pOut); // call AES decryption function for (j=0; J<=3; J++) pOut[j] ^=myIV[j]; MyIV[j]=tmp[j]; Tmp+=4; POut+=4; End=(BYTE) (* ((BYTE*) pDataOut+pDataInLen-1)); If ((end>=16) ‖ (end<0)) { printf (" Error:this is end--%d n ", end); Return-1:} for (i=1; I<end; I++) if ((BYTE) (* ((BYTE*) pDataOut+pDataInLen-1-i))!=end) { return-1; * pDataOutLen=pDataInLen-end; Return 0;<!--SIPO<dP n="16">--<dp n="d16"/>Return-1; Case 3: //OFB,, this encryption mode is not realized { printf (" Error:OFB is not used "); Return (3); Case 4: //CFB,, this encryption mode is not realized { printf (" Error:CFB is not used. "); Return (4); Default:return (5); 
The encryption and decryption of aes algorithm is realized by the standard of general encipher interface to algoritic module, be packaged into _ form of enc (), like this, upper layer application just can be passed through a kind of general encipher interface, has been convenient to use.
The present invention can satisfy the security needs of following three kinds of application forms: 1, the real-time security interactive communication between the computing machine; 2, the safe storage between the computing machine is transmitted communication; 3, computing machine local information data and file are in safe storage.The software business man who can also allow simultaneously exploitation, uses is absorbed in the exploitation of application system, consideration algorithm that need not be too much, and the manufacturer that produces algorithm can be absorbed in soft, the hardware realization of algorithm, need not consider the realization of various application.
The present invention has simplified various safe interfaces with upper layer application, and lower floor's algoritic module has been made corresponding standard, can be under the situation of not revising application transposition encryption algorithm easily.
The present invention uses applicable to various computer security.

Claims (2)

1, a kind of method that upper level applications (1) and lower floor's enciphering algorithm module (6) are combined into an integral body is to adopt a kind of universal safety encipher interface (2), it is characterized in that following these steps to realize:
The design upper level applications: this interface (2) is used in application program (1) exploitation, the application programming interface that provides in " Chim-appl.h " that need provide according to a kind of universal safety encipher interface (2), " chini_typee.h " header file, at first call function Chini_start could locate to call corresponding interface function (5) in needs encryption and decryption etc. then and also will call Chini-end at last.
The design enciphering algorithm module: according to providing the dynamic base of cryptographic algorithm realization to the regulation of algoritic module interface function (5) standard, the manufacturer of production algoritic module in a kind of universal safety encipher interface standard, it provides unified interface function to a kind of universal safety encipher interface.
Combination upper level applications (1) and lower floor's enciphering algorithm module (6): application program (1) must configure configuration file (4) with configuration file management order (3) by the Libaspi storehouse that a kind of universal safety encipher interface (2) provide, loading algorithm module (6) that could be correct forms an integral body like this.Configuration file (4) is placed on appointed positions, enciphering algorithm module (6) is put under the default path "/Chini/Security/algmod/ ", and the class name that the good application program of proper configuration is used in configuration file (4) and the library name of enciphering algorithm module.
By above-mentioned operation, the Secure Application of a perfect in shape and function has just produced, and the user can use according to the common using method of upper level applications and get final product.
When needs are changed enciphering algorithm module (6), application program earlier out of service, revise the library name of the new enciphering algorithm module that configuration file 4 changes the library name of the enciphering algorithm module of the class name of application program correspondence then, then new algoritic module dynamic base is placed on appointed positions, restart application program, at this moment operated with regard to using new cryptographic algorithm to carry out enciphering/deciphering etc.
2, according to the described a kind of universal safety encipher interface of claim 1, it is characterized in that: interface function (5) is to comprise that upper layer application interface function and lower floor's enciphering algorithm module interface function and two header files " Chini-appl.h " reach " Chini_types.h ", the upper layer application interface function is an initialization Chini sec interface function, the encryption and decryption function, hash function, ask the check code function, signature function, the certifying signature function, random number functions, obtain the working key function, the PKI decryption function, the encrypted private key function, the attribute function of algoritic module, close the ChinisecAPI function, lower floor's enciphering algorithm module interface function is _ enc, _ verify, _ sign, _ hash, _ mac, _ algatt, _ gerrand, _ getworkkey, _ publicenc, _ privatedec.
CN 02113551 2002-04-02 2002-04-02 Universal safety encipher interface Pending CN1372192A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 02113551 CN1372192A (en) 2002-04-02 2002-04-02 Universal safety encipher interface

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 02113551 CN1372192A (en) 2002-04-02 2002-04-02 Universal safety encipher interface

Publications (1)

Publication Number Publication Date
CN1372192A true CN1372192A (en) 2002-10-02

Family

ID=4742677

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 02113551 Pending CN1372192A (en) 2002-04-02 2002-04-02 Universal safety encipher interface

Country Status (1)

Country Link
CN (1) CN1372192A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1322432C (en) * 2002-10-25 2007-06-20 国际商业机器公司 Safety system and method for medium content data file network distribution
CN101499013B (en) * 2009-03-11 2011-11-16 浙江中控软件技术有限公司 Method and apparatus for calling dynamic library
CN101310473B (en) * 2005-10-28 2012-12-12 卢森特技术有限公司 Air-interface application layer security for wireless networks
CN106845256A (en) * 2017-01-24 2017-06-13 腾讯科技(深圳)有限公司 A kind of method and terminal of encryption and decryption data in the application
CN107172108A (en) * 2017-07-26 2017-09-15 成都三零盛安信息系统有限公司 Data encryption, decryption method, data encryption, decryption device and communication system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1322432C (en) * 2002-10-25 2007-06-20 国际商业机器公司 Safety system and method for medium content data file network distribution
CN101310473B (en) * 2005-10-28 2012-12-12 卢森特技术有限公司 Air-interface application layer security for wireless networks
CN101499013B (en) * 2009-03-11 2011-11-16 浙江中控软件技术有限公司 Method and apparatus for calling dynamic library
CN106845256A (en) * 2017-01-24 2017-06-13 腾讯科技(深圳)有限公司 A kind of method and terminal of encryption and decryption data in the application
CN107172108A (en) * 2017-07-26 2017-09-15 成都三零盛安信息系统有限公司 Data encryption, decryption method, data encryption, decryption device and communication system

Similar Documents

Publication Publication Date Title
CN1136692C (en) Data conversion apparatus and data conversion method
CN1282324C (en) Device and method for data encipher
CN1251715A (en) Cyclotomic polynomial construction of discrete logarithm cryptosystem over finite fields
CN1788263A (en) Login system and method
CN1909023A (en) Transmitting/receiving system and method, transmitting apparatus and method, receiving apparatus and method, and program used therewith
CN1902560A (en) Contents distribution system, license distribution method and terminal
CN1867889A (en) Data converter
CN1729645A (en) Secure communications
CN1177245A (en) Enciphering method, deciphering method and certifying method
CN1969501A (en) Systems and methods to securely generate shared keys
CN1483271A (en) Apparatus and method for security processing of communication packets
CN1656733A (en) S-BOX encryption in block cipher implementations
CN1741444A (en) Reconfigurable key search engine
CN1921382A (en) Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device
CN1314040A (en) Public-key signature methods and systems
CN101079701A (en) Highly secure ellipse curve encryption and decryption method and device
CN1716953A (en) Method for identifying conversation initial protocol
CN1764881A (en) Instructions to assist the processing of a cipher message
CN1921395A (en) Method and system for improving security of network software
CN1338166A (en) Public and private key cryptographic method
CN1905438A (en) Combined key managing method and system based on ID
CN1395191A (en) Data verification method, data verification device and processing program products thereof
CN1771483A (en) Semiconductor memory device
CN1372192A (en) Universal safety encipher interface
CN1806410A (en) Encryption communication system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication