Inplace AES CBC/ECB mode encrypting/decrypting using Crypto++
Problem description
Is it explicitly allowed to use the same buffer for plaintext/ciphertext when performing AES encryption/decryption in CBC and ECB modes using Crypto++ (assuming the buffer size is sufficient to accommodate the encrypted data) as in the following code:
#include <cstdio>
#include <cstring>   // memcpy
#include <cassert>
#include "cryptopp/rsa.h"
#include "cryptopp/rijndael.h"
#include "cryptopp/modes.h"
#include "cryptopp/filters.h"   // ArraySource, ArraySink, MeterFilter, Redirector

int main()
{
    using namespace CryptoPP;

    // Zero-initialized so the test run is deterministic (test values only)
    byte key[32] = {}, iv[Rijndael::BLOCKSIZE] = {};
    char testdata[] = "Crypto++ Test"; // any data can be here

    // Round up to the next full block to leave room for PKCS padding
    size_t buffer_size = (sizeof(testdata) + Rijndael::BLOCKSIZE) & ~(Rijndael::BLOCKSIZE - 1);
    byte* buffer = new byte[buffer_size];
    memcpy(buffer, testdata, sizeof(testdata));

    // encrypt data inplace: source and sink are the same buffer
    CBC_Mode<Rijndael>::Encryption enc(key, sizeof(key), iv);
    MeterFilter meter(new ArraySink(buffer, buffer_size));
    ArraySource(buffer, sizeof(testdata), true, new StreamTransformationFilter(enc, new Redirector(meter), BlockPaddingSchemeDef::PKCS_PADDING));
    assert(meter.GetTotalBytes() == buffer_size);

    // decrypt data inplace: source and sink are the same buffer
    CBC_Mode<Rijndael>::Decryption dec(key, sizeof(key), iv);
    MeterFilter meter2(new ArraySink(buffer, buffer_size));
    ArraySource(buffer, buffer_size, true, new StreamTransformationFilter(dec, new Redirector(meter2), BlockPaddingSchemeDef::PKCS_PADDING));
    assert(meter2.GetTotalBytes() == sizeof(testdata));

    // byte* is unsigned char*, so reinterpret_cast is required here
    printf("%s\n", reinterpret_cast<char*>(buffer));
    delete[] buffer; // array form matches new[]
}
Recommended answer
In general, Crypto++ buffers can be the same or they can be distinct. I can't think of a situation where they are not allowed to be the same for in-place or in-situ processing of plain text or cipher text data. The only caveat is the buffer has to be large enough for cipher text expansion.
You also have to be careful about overlap, but how you can get into trouble depends on the cipher. For example, AES in CBC_Mode operates on 16 byte blocks (the functions of interest are ProcessBlock, ProcessXorBlock, and friends). You can use an overlapped buffer as long as the difference between pointers is 17 bytes (or more). In the RSA case, you would likely need a difference of MaxPreImage size, which is based on the size of the modulus.
Finally, the old Crypto++ FAQ discusses it briefly as "in-line processing". See How do I use a block cipher in Crypto++ 4.x?
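Why in-place CBC depends on how the mode handles chaining, as an added example that is not part of the original answer and does not use Crypto++. It assumes a constructed toy block transform (`toy_enc`/`toy_dec`, hypothetical names, not AES and not secure) so it is self-contained, and shows that in-place CBC decryption must keep a copy of the previous ciphertext block, while reading it back from the buffer only works when input and output are distinct.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>

static const size_t BS = 16;  // block size, same as AES
// Constructed stand-in for a block cipher: invertible, but NOT AES and not secure.
static void toy_enc(const uint8_t* in, uint8_t* out, const uint8_t* key) {
    for (size_t i = 0; i < BS; ++i) out[i] = static_cast<uint8_t>((in[i] ^ key[i]) + 0x5b);
}
static void toy_dec(const uint8_t* in, uint8_t* out, const uint8_t* key) {
    for (size_t i = 0; i < BS; ++i) out[i] = static_cast<uint8_t>((in[i] - 0x5b) ^ key[i]);
}

// CBC encryption, C_i = E(P_i ^ C_{i-1}). Safe with in == out: the previous
// block it reads has already been replaced by exactly the ciphertext it needs.
void cbc_encrypt(const uint8_t* in, uint8_t* out, size_t len, const uint8_t* key, const uint8_t* iv) {
    const uint8_t* prev = iv;
    for (size_t off = 0; off < len; off += BS) {
        uint8_t x[BS];
        for (size_t i = 0; i < BS; ++i) x[i] = in[off + i] ^ prev[i];
        toy_enc(x, out + off, key);
        prev = out + off;
    }
}

// CBC decryption, P_i = D(C_i) ^ C_{i-1}. With in == out, C_{i-1} has already been
// overwritten by P_{i-1}, so it must be saved. keep_copy = false shows the failure.
void cbc_decrypt(const uint8_t* in, uint8_t* out, size_t len, const uint8_t* key, const uint8_t* iv, bool keep_copy) {
    uint8_t prev[BS], cur[BS];
    std::memcpy(prev, iv, BS);
    for (size_t off = 0; off < len; off += BS) {
        std::memcpy(cur, in + off, BS);  // C_i, saved before the output overwrites it
        toy_dec(cur, out + off, key);
        const uint8_t* chain = (keep_copy || off == 0) ? prev : in + off - BS;
        for (size_t i = 0; i < BS; ++i) out[off + i] ^= chain[i];
        std::memcpy(prev, cur, BS);
    }
}

// Encrypts a constructed two-block sample in place, decrypts it, reports whether it round-trips.
bool roundtrip(bool keep_copy, bool in_place) {
    uint8_t key[BS], iv[BS], buf[2 * BS], other[2 * BS];
    for (size_t i = 0; i < BS; ++i) { key[i] = uint8_t(i); iv[i] = uint8_t(0xA0 + i); }
    const char msg[] = "0123456789abcdef0123456789abcdef";  // constructed sample data
    std::memcpy(buf, msg, 2 * BS);
    cbc_encrypt(buf, buf, 2 * BS, key, iv);
    uint8_t* out = in_place ? buf : other;
    cbc_decrypt(buf, out, 2 * BS, key, iv, keep_copy);
    return std::memcmp(out, msg, 2 * BS) == 0;
}
int main() { return (roundtrip(true, true) && !roundtrip(false, true)) ? 0 : 1; }
```

Only the first block survives the `keep_copy = false` in-place run, because it chains from the IV rather than from the buffer.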