使用OpenSSL EVP_DigestSign *生成CMAC密钥失败 [英] CMAC Key generation with OpenSSL EVP_DigestSign* fails
问题描述
我正在尝试生成用于使用OpenSSL计算CMAC的密钥.
I am trying to generate key for computing the CMAC with OpenSSL.
但是,这些似乎失败,并复制了以下错误消息.有人可以指出问题出在哪里吗?
有人用EVP_DigestSign*呼叫完成了CMAC吗?
However, these seem to fail with the error message copied below. Can someone point out where the problem is?
Has anybody done CMAC with EVP_DigestSign* calls?
这是从 https://wiki的示例构建的代码的一部分. .openssl.org/index.php/EVP_Key_and_Parameter_Generation :
BIO *out = NULL;
out = BIO_new(BIO_s_file());
if (out == NULL)
return -1;
BIO_set_fp(out, stdout, BIO_NOCLOSE);
EVP_MD_CTX* rctx = NULL;
EVP_PKEY *pkey = NULL;
EVP_PKEY_CTX *kctx = NULL;
rctx = EVP_MD_CTX_create();
if(rctx == NULL) {
printf("EVP_MD_CTX_create failed\n");
}
if(!EVP_PKEY_keygen_init(kctx)){
printf("EVP_PKEY_keygen_init failed\n");
}
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,EVP_PKEY_CTRL_CIPHER,0, (void *)EVP_aes_256_ecb()) <= 0)
printf("EVP_PKEY_CTX_ctrl 1 failed\n");
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,EVP_PKEY_CTRL_SET_MAC_KEY,/*key length*/32, "01234567890123456789012345678901") <= 0)
printf("Set the key data failed 1\n");
这里是错误:
EVP_PKEY_CTX_ctrl failed
3073898120:error:06093096:lib(6):func(147):reason(150):pmeth_gn.c:122:
3073898120:error:06089093:lib(6):func(137):reason(147):pmeth_lib.c:390:
在pmeth_lib.c中的第390行:
And at line 390 in pmeth_lib.c:
EVPerr(EVP_F_EVP_PKEY_CTX_CTRL, EVP_R_COMMAND_NOT_SUPPORTED);
我正在使用OpenSSL 1.0.1e.
I am using OpenSSL 1.0.1e.
另请参见如何计算AES使用OpenSSL的CMAC_xxx函数的CMAC?
推荐答案
我设法使用EVP接口使CMAC正常工作.较早失败的密钥生成部分也可以使用.这是代码.如您所见,我以此处发布的示例为例:如何计算AES CMAC使用OpenSSL?,它使用OpenSSL的CMAC_Init/Update/Final接口,并尝试了各种NIST值来检查EVP接口是否适用于CMAC:这是代码段.密钥生成现在也可以使用.请让我知道是否有任何我忽略的事情.我在使用EVP时确实有评论.也请参见下面的备注部分.
I managed to get CMAC working using EVP interfaces. The key generation part which failed earlier also works. Here is the code. As you can see, I have taken the example posted here: How to calculate AES CMAC using OpenSSL? which uses the CMAC_Init/Update/Final interfaces of OpenSSL and tried various NIST values to check if the EVP interfaces work for CMAC: Here is the code snippet. The key generation also works now. Please let me know if there is anything that I have overlooked. I do have a remark while using EVP. Please see the remark section below as well.
/*
* CMACSiging.c
*/
#include <stdio.h>
#include <openssl/cmac.h>
#include <openssl/err.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>
#include <string.h>
typedef signed char int8_t;
typedef signed short int16_t;
typedef signed int int32_t;
typedef unsigned char uint8_t;
typedef unsigned short uint16_t;
typedef unsigned int uint32_t;
void printBytes(unsigned char *buf, size_t len) {
int i;
for(i=0; i<len; i++) {
printf("%02x", buf[i]);
}
printf("\n");
}
EVP_PKEY *generate_key(int type)
{
EVP_PKEY_CTX *pctx = NULL, *kctx = NULL;
EVP_PKEY *params = NULL, *key = NULL;
unsigned char k[] = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4};
/* Create context for the key generation */
if(!(kctx = EVP_PKEY_CTX_new_id(type, NULL))) goto err;
/* Generate the key */
if(!EVP_PKEY_keygen_init(kctx)) goto err;
if(type == EVP_PKEY_CMAC)
{
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
EVP_PKEY_CTRL_CIPHER,
0, (void *)EVP_aes_256_cbc()) <= 0)
goto err;
if (EVP_PKEY_CTX_ctrl(kctx, -1, EVP_PKEY_OP_KEYGEN,
EVP_PKEY_CTRL_SET_MAC_KEY, sizeof(k), k) <= 0)
goto err;
}
if (!EVP_PKEY_keygen(kctx, &key)) goto err;
goto end;
err:
end:
if(pctx) EVP_PKEY_CTX_free(pctx);
if(params) EVP_PKEY_free(params);
if(kctx) EVP_PKEY_CTX_free(kctx);
return key;
}
void trial(uint8_t *msg, uint8_t mlen, uint8_t *key, uint8_t keylen, uint8_t **sig, uint8_t *slen)
{
//16 byte msg with 32 byte key with aes 256 cbc based CMAC
if(!msg || !mlen || !key) {
//handleError
}
if(*sig)
OPENSSL_free(*sig);
*sig = NULL;
*slen = 0;
EVP_MD_CTX* ctx = NULL;
EVP_PKEY *pkey = NULL;
const EVP_MD* md = NULL;
OpenSSL_add_all_digests();
do
{
ctx = EVP_MD_CTX_create();
if(ctx == NULL) {
printf("EVP_MD_CTX_create failed\n");
break; // failed
}
if(!(md = EVP_get_digestbyname("SHA256")))
printf("EVP_get_digestbyname failed\n");
printf("Over to EVP calls \n");
if(!(pkey = generate_key(EVP_PKEY_CMAC))) printf("Error 5 \n");
int rc ;
rc = EVP_DigestSignInit(ctx, NULL, md, NULL, pkey);
if(rc != 1) {
printf("EVP_DigestSignInit failed\n");
ERR_print_errors_fp(stdout);
break;
}
rc = EVP_DigestSignUpdate(ctx, msg, mlen);
if(rc != 1) {
printf("EVP_DigestSignUpdate failed\n");
ERR_print_errors_fp(stdout);
break;
}
size_t req = 0;
rc = EVP_DigestSignFinal(ctx, NULL, &req);
if(rc != 1) {
printf("EVP_DigestSignFinal failed\n");
ERR_print_errors_fp(stdout);
break;
}
if(!(req > 0)) {
printf("EVP_DigestSignFinal failed (2)\n");
break;
}
*sig = OPENSSL_malloc(req);
if(*sig == NULL) {
printf("OPENSSL_malloc failed, error \n");
break;
}
*slen = req;
rc = EVP_DigestSignFinal(ctx, *sig, slen);
if(rc != 1) {
printf("EVP_DigestSignFinal failed (3)\n");
ERR_print_errors_fp(stdout);
break;
}
} while(0);
if(ctx) {
EVP_MD_CTX_destroy(ctx);
ctx = NULL;
}
}
int main(int argc, char *argv[])
{
// https://tools.ietf.org/html/rfc4493
// K, M and T from
// http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf
// D.1 AES-128
// K: 2b7e1516 28aed2a6 abf71588 09cf4f3c
unsigned char key[] = {0x60, 0x3d, 0xeb, 0x10, 0x15, 0xca, 0x71, 0xbe, 0x2b, 0x73, 0xae, 0xf0, 0x85, 0x7d, 0x77, 0x81, 0x1f, 0x35, 0x2c, 0x07, 0x3b, 0x61, 0x08, 0xd7, 0x2d, 0x98, 0x10, 0xa3, 0x09, 0x14, 0xdf, 0xf4};
// M: 6bc1bee2 2e409f96 e93d7e11 7393172a Mlen: 128
unsigned char message[] = { 0x6b,0xc1,0xbe,0xe2,
0x2e,0x40,0x9f,0x96,
0xe9,0x3d,0x7e,0x11,
0x73,0x93,0x17,0x2a };
unsigned char mact[16] = {0};
size_t mactlen;
CMAC_CTX *ctx = CMAC_CTX_new();
CMAC_Init(ctx, key, 32, EVP_aes_256_cbc(), NULL);
printf("message length = %lu bytes (%lu bits)\n",sizeof(message), sizeof(message)*8);
CMAC_Update(ctx, message, sizeof(message));
CMAC_Final(ctx, mact, &mactlen);
printBytes(mact, mactlen);
//expected result T = 070a16b4 6b4d4144 f79bdd9d d04a287c
CMAC_CTX_free(ctx);
uint8_t key_len = sizeof(key);
uint8_t mlen = sizeof(message);
uint8_t *dgst = NULL;
size_t dlen;
trial( message, mlen, key, key_len, &dgst, &dlen);
printf("length of sig = %d\n", dlen);
printf("CMAC returned from trial is: ");
int i;
for(i = 0; i < dlen; i++)
printf("%02x", dgst[i]);
printf("\n");
return 0;
}
备注:
从代码中可以看出,重要的是要注意,当使用EVP_DigestSignInit时,消息摘要信封结构(EVP_MD)不应被视为NULL,如OpenSSL Wiki(OpenSSL 1.0.2e的ATLEAST)所述.经过测试):
As seen in code, what is important is to note that when using EVP_DigestSignInit, the message digest envelope structure (EVP_MD) should not be taken as NULL as mentioned in the OpenSSL Wiki (ATLEAST for OpenSSL 1.0.2e which is where I tested):
注意:使用 非对称算法,并生成MAC码.对于CMAC 不需要消息摘要功能(可以传递NULL).签收 使用EVP_Sign *函数与上面的示例非常相似, 除了不支持MAC代码.请注意,CMAC仅 (尚未发布)OpenSSL 1.1.0版本支持.
Note: There is no difference in the API between signing using an asymmetric algorithm, and generating a MAC code. In the case of CMAC no message digest function is required (NULL can be passed). Signing using the EVP_Sign* functions is very similar to the above example, except there is no support for MAC codes. Note that CMAC is only supported in the (as yet unreleased) version 1.1.0 of OpenSSL.
如果传递了NULL,我将得到一个摘要为NULL的错误. 似乎传递的内容不会影响CMAC的生成,因为此结构基本上被忽略了.我希望这里的OpenSSL人士可以澄清一下.谢谢!
If NULL is passed, I get an error that the digest is NULL. It seems like what is passed doesn't affect the CMAC generation as this struct is basically ignored. I hope the OpenSSL guys out here can clarify. Thanks!!
这篇关于使用OpenSSL EVP_DigestSign *生成CMAC密钥失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
