OpenSSL的操作AES CTR 256加密模式 [英] AES CTR 256 Encryption Mode of operation on OpenSSL
问题描述
进出口新的OpenSSL的,任何人可以给我如何从C文件初始化AES CTR模式的提示。我知道这是method's签名,但我有参数,there's不是很多文档没有一个明显的例子问题,如何使一个简单的加密。我想AP preciate如果有人能体现这种方法的调用。在此先感谢!
Im new to OpenSSL, Can anybody give me a hint in how to initialize AES CTR mode from a C file. I know this is the method´s signature but I am having problems with the parameters, there´s not many documentation neither a clear example how to make a simple encryption. I would appreciate if somebody could exemplify a call to this method. Thanks in advance!
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);
喜咖啡厅我真的AP preciate你快速回答它已经真正有用的,而且defenetly我已在网页上找到的最好的例子。我试图打开与未定长度的文件进行加密和写入生成的密文的另一个文件,然后打开加密文件,并恢复明文。我需要使用相当多MB的文件,因为我想基准CPU的性能。但进出口仍然有问题,而解密。不知怎的,当解密相当txt文件(1504KB)它不会解密完成后,我也得到了一半的明文,而另一半仍加密。我想这可能与静脉注射的大小或我打电话柜台的方式。以下是我迄今为止:
Hi Caf I really appreciate your quick answer it has been really useful, and defenetly the best example I have found on the web. I am trying to open a file with undetermined length, encrypt it and write another file with the ciphertext generated, then open the ciphered file and recover the plaintext. I need to use a file of a considerable amount of MB cause I would like to benchmark the performance of the CPU. However Im still having a problem while decrypting. Somehow when decrypting a considerable txt files (1504KB)it wont decrypt it complete, and I get half of it in plaintext and the other half still ciphered. I think this might be related to the size of the iv or the way I am calling the counter. Here is what I have so far:
#include <openssl/aes.h>
#include <stdio.h>
#include <string.h>
struct ctr_state {
unsigned char ivec[16];
unsigned int num;
unsigned char ecount[16];
};
FILE *fp;
FILE *rp;
FILE *op;
size_t count;
char * buffer;
AES_KEY key;
int bytes_read, bytes_written;
unsigned char indata[AES_BLOCK_SIZE];
unsigned char outdata[AES_BLOCK_SIZE];
unsigned char ckey[] = "thiskeyisverybad"; // It is 128bits though..
unsigned char iv[8] = {0};//This should be generated by RAND_Bytes I will take into consideration your previous post
struct ctr_state state;
int init_ctr(struct ctr_state *state, const unsigned char iv[8]){
state->num = 0;
memset(state->ecount, 0, 16);
memset(state->ivec + 8, 0, 8);
memcpy(state->ivec, iv, 8);
}
void encrypt(){
//Opening files where text plain text is read and ciphertext stored
fp=fopen("input.txt","a+b");
op=fopen("output.txt","w");
if (fp==NULL) {fputs ("File error",stderr); exit (1);}
if (op==NULL) {fputs ("File error",stderr); exit (1);}
//Initializing the encryption KEY
AES_set_encrypt_key(ckey, 128, &key);
//Encrypting Blocks of 16 bytes and writing the output.txt with ciphertext
while (1) {
init_ctr(&state, iv); //Counter call
bytes_read = fread(indata, 1, AES_BLOCK_SIZE, fp);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
bytes_written = fwrite(outdata, 1, bytes_read, op);
if (bytes_read < AES_BLOCK_SIZE)
break;
}
fclose (fp);
fclose (op);
free (buffer);
}
void decrypt(){
//Opening files where text cipher text is read and the plaintext recovered
rp=fopen("recovered.txt","w");
op=fopen("output.txt","a+b");
if (rp==NULL) {fputs ("File error",stderr); exit (1);}
if (op==NULL) {fputs ("File error",stderr); exit (1);}
//Initializing the encryption KEY
AES_set_encrypt_key(ckey, 128, &key);
//Encrypting Blocks of 16 bytes and writing the output.txt with ciphertext
while (1) {
init_ctr(&state, iv);//Counter call
bytes_read = fread(indata, 1, AES_BLOCK_SIZE, op);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
bytes_written = fwrite(outdata, 1, bytes_read, rp);
if (bytes_read < AES_BLOCK_SIZE)
break;
}
fclose (rp);
fclose (op);
free (buffer);
}
int main(int argc, char *argv[]){
encrypt();
//decrypt();
system("PAUSE");
return 0;
}
每个加密和解密功能,被称为在不同的运行,所以一切与相同的值总是初始化。再次感谢您的提示,你可以提供给我提前和放大器;问候!!!
Each encrypt and decrypt function are called in different runs so everything is initialized always with the same values. Thanks again for the hints you can provide me in advance & Regards!!!
推荐答案
通常,你会打算叫 AES_ctr128_encrypt()反复使用相同的密钥发送几个消息和IV,和一个递增计数器。这意味着你需要保持'IVEC','民'和通话之间ecount价值观的轨迹 - 所以创建一个结构持有这些,和一个初始化函数:
Usually, you will be intending to call AES_ctr128_encrypt() repeatedly to send several messages with the same key and IV, and an incrementing counter. This means you need to keep track of the 'ivec', 'num' and 'ecount' values between calls - so create a struct to hold these, and an initialisation function:
struct ctr_state {
unsigned char ivec[16]; /* ivec[0..7] is the IV, ivec[8..15] is the big-endian counter */
unsigned int num;
unsigned char ecount[16];
};
int init_ctr(struct ctr_state *state, const unsigned char iv[8])
{
/* aes_ctr128_encrypt requires 'num' and 'ecount' set to zero on the
* first call. */
state->num = 0;
memset(state->ecount, 0, 16);
/* Initialise counter in 'ivec' to 0 */
memset(state->ivec + 8, 0, 8);
/* Copy IV into 'ivec' */
memcpy(state->ivec, iv, 8);
}
现在,当您开始与目的地通信时,你需要生成一个IV使用和初始化计数器:
Now, when you start communicating with the destination, you'll need to generate an IV to use and initialise the counter:
unsigned char iv[8];
struct ctr_state state;
if (!RAND_bytes(iv, 8))
/* Handle the error */;
init_ctr(&state, iv);
您一定要去的8字节IV发送到目的地。您还需要初始化一个 AES_KEY 从您的原始密钥字节:
You will then need to send the 8 byte IV to the destination. You'll also need to initialise an AES_KEY from your raw key bytes:
AES_KEY aes_key;
if (!AES_set_encrypt_key(key, 128, &aes_key))
/* Handle the error */;
您现在可以开始加密数据并将其发送到目的地,重复调用 AES_ctr128_encrypt()是这样的:
You can now start encrypting data and sending it to the destination, with repeated calls to AES_ctr128_encrypt() like this:
if (!AES_ctr128_encrypt(msg_in, msg_out, msg_len, &aes_key, state->ivec, state->ecount, &state->num))
/* Handle the error */;
( msg_in 是一个指向包含明文消息缓冲, msg_out 是一个指向一个缓冲区,其中加密的消息应该去和 msg_len 是消息长度)。
(msg_in is a pointer to a buffer containing the plaintext message, msg_out is a pointer to a buffer where the encrypted message should go, and msg_len is the message length).
解密是完全一样的,只是你不生成 RAND_bytes()的IV - 相反,你拿由对方提供给您的值
Decryption is exactly the same, except that you do not generate the IV with RAND_bytes() - instead, you take the value given to you by the other side.
重要:
-
不要不会拨打
init_ctr()不止一次在加密过程。计数器和IV必须初始化的只有一次之前加密的开始。
Do not call
init_ctr()more than once during the encryption process. The counter and IV must be initialised once only prior to the start of encryption.
在任何情况下被诱惑摆脱 RAND_bytes()上的加密方以外的任何地方IV。不要将其设置为一个固定值;不使用的哈希函数;不要使用收件人的姓名;不从磁盘读取。与 RAND_bytes()生成它,并将其发送到目的地。每当你开始以零柜台,你的必须的开始,你以前从未使用过一种完全新鲜的IV。
Under no circumstances be tempted to get the IV anywhere other than from RAND_bytes() on the encryption side. Don't set it to a fixed value; don't use a hash function; don't use the recipient's name; don't read it from disk. Generate it with RAND_bytes() and send it to the destination. Whenever you start with a zero counter, you must start with a completely fresh IV that you have never used before.
如果这是在所有可能的,你将发送2 ** 64字节不改变IV和/或密钥,您将需要测试的计数器溢出。
If it is at all possible that you will be sending 2**64 bytes without changing the IV and/or key, you will need to test for the counter overflowing.
不要忽略错误检查。如果函数失败,你不理它,它很可能(甚至很有可能),你的系统就会出现功能正常,但实际上将完全不安全的操作。
Do not omit error-checking. If a function fails and you ignore it, it's quite possible (even likely) that your system will appear to be functioning normally, but will actually be operating completely insecurely.
这篇关于OpenSSL的操作AES CTR 256加密模式的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
