Inplace AES CBC/ECB mode encrypting/decrypting using Crypto++


Problem description

Is it explicitly allowed to use the same buffer for plaintext/ciphertext when performing AES encryption/decryption in CBC and ECB modes using Crypto++ (assuming the buffer size is sufficient to accommodate the encrypted data) as in the following code:

#include <cstdio>
#include <cstring>   // memcpy
#include <cassert>
#include "cryptopp/rsa.h"
#include "cryptopp/rijndael.h"
#include "cryptopp/modes.h"
#include "cryptopp/filters.h"   // ArraySource, ArraySink, MeterFilter, StreamTransformationFilter
int main()
{
    using namespace CryptoPP;
    // Zero-filled so the test is deterministic; real code needs a random key and IV.
    byte key[32] = {0}, iv[Rijndael::BLOCKSIZE] = {0};
    char testdata[] = "Crypto++ Test"; // any data can be here

    // Round up to the next full block to leave room for PKCS padding.
    size_t buffer_size = (sizeof(testdata) + Rijndael::BLOCKSIZE) & ~(Rijndael::BLOCKSIZE - 1);
    byte* buffer = new byte[buffer_size];
    memcpy(buffer, testdata, sizeof(testdata));

    // encrypt data inplace: source and sink are the same buffer
    CBC_Mode<Rijndael>::Encryption enc(key, sizeof(key), iv);
    MeterFilter meter(new ArraySink(buffer, buffer_size));
    ArraySource(buffer, sizeof(testdata), true, new StreamTransformationFilter(enc, new Redirector(meter), BlockPaddingSchemeDef::PKCS_PADDING));
    assert(meter.GetTotalBytes() == buffer_size);

    // decrypt data inplace
    CBC_Mode<Rijndael>::Decryption dec(key, sizeof(key), iv);
    MeterFilter meter2(new ArraySink(buffer, buffer_size));
    ArraySource(buffer, buffer_size, true, new StreamTransformationFilter(dec, new Redirector(meter2), BlockPaddingSchemeDef::PKCS_PADDING));
    assert(meter2.GetTotalBytes() == sizeof(testdata));

    // byte is unsigned char, so converting to char* needs reinterpret_cast
    printf("%s\n", reinterpret_cast<char*>(buffer));
    delete[] buffer;   // allocated with new[]
}


Recommended answer

In general, Crypto++ buffers can be the same or they can be distinct. I can't think of a situation where they are not allowed to be the same for in-place or in-situ processing of plain text or cipher text data. The only caveat is the buffer has to be large enough for cipher text expansion.

You also have to be careful about overlap, but how you can get into trouble depends on the cipher. For example, AES in CBC_Mode operates on 16 byte blocks (the functions of interest are ProcessBlock, ProcessXorBlock, and friends). You can use an overlapped buffer as long as the difference between pointers is 17 bytes (or more). In the RSA case, you would likely need a difference of MaxPreImage size, which is based on the size of the modulus.

Finally, the old Crypto++ FAQ discusses it briefly as "in-line processing". See How do I use a block cipher in Crypto++ 4.x?
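
The in-place round trip discussed above, as an added example that is not part of the original question or answer and is not Crypto++ code: it shows why CBC can use one buffer for input and output (encryption chains from the block it just wrote, decryption must copy each ciphertext block before overwriting it) and how much room PKCS#7 padding needs. `toy_enc`/`toy_dec` are a hypothetical stand-in for the block cipher, not AES and not secure; all function names and the key/IV values are constructed for illustration.

```cpp
#include <cstdint>
#include <cstring>
#include <string>

const size_t BS = 16, BAD = size_t(-1);   // AES block size; error sentinel

// Stand-in block function (assumption, NOT AES, no security): invertible per-byte transform.
static void toy_enc(uint8_t* b, const uint8_t* k) { for (size_t i = 0; i < BS; ++i) b[i] = uint8_t((b[i] ^ k[i]) + 0x3d); }
static void toy_dec(uint8_t* b, const uint8_t* k) { for (size_t i = 0; i < BS; ++i) b[i] = uint8_t(uint8_t(b[i] - 0x3d) ^ k[i]); }

// PKCS#7 always adds 1..16 bytes, so a full final block still grows by one block.
size_t padded_size(size_t len) { return (len / BS + 1) * BS; }

// Encrypts buf[0..len) in place; buf must hold padded_size(len) bytes. Returns ciphertext length.
size_t cbc_encrypt_inplace(uint8_t* buf, size_t len, const uint8_t* key, const uint8_t* iv) {
    size_t total = padded_size(len);
    std::memset(buf + len, int(total - len), total - len);   // PKCS#7 pad bytes
    const uint8_t* prev = iv;
    for (size_t off = 0; off < total; off += BS) {
        for (size_t i = 0; i < BS; ++i) buf[off + i] ^= prev[i];
        toy_enc(buf + off, key);
        prev = buf + off;   // the ciphertext block just written is the next chaining value
    }
    return total;
}

// Decrypts buf[0..len) in place. Returns plaintext length, or BAD on bad length or padding.
size_t cbc_decrypt_inplace(uint8_t* buf, size_t len, const uint8_t* key, const uint8_t* iv) {
    if (len == 0 || len % BS) return BAD;
    uint8_t prev[BS], cur[BS];
    std::memcpy(prev, iv, BS);
    for (size_t off = 0; off < len; off += BS) {
        std::memcpy(cur, buf + off, BS);   // save the ciphertext block before overwriting it
        toy_dec(buf + off, key);
        for (size_t i = 0; i < BS; ++i) buf[off + i] ^= prev[i];
        std::memcpy(prev, cur, BS);
    }
    uint8_t pad = buf[len - 1];
    if (pad == 0 || pad > BS) return BAD;
    for (size_t i = len - pad; i < len; ++i) if (buf[i] != pad) return BAD;
    return len - pad;
}

// Encrypt and decrypt through a single buffer, as in the question. Key and IV are constructed values.
std::string roundtrip(const std::string& msg) {
    uint8_t key[BS], iv[BS];
    for (size_t i = 0; i < BS; ++i) { key[i] = uint8_t(i * 7 + 1); iv[i] = uint8_t(0xA0 + i); }
    std::string buf(msg);
    buf.resize(padded_size(msg.size()));   // room for ciphertext expansion
    uint8_t* p = reinterpret_cast<uint8_t*>(&buf[0]);
    size_t n = cbc_decrypt_inplace(p, cbc_encrypt_inplace(p, msg.size(), key, iv), key, iv);
    return n == BAD ? std::string() : buf.substr(0, n);
}
```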
