我需要使用openssl解密带有8字节麦克风的128 ccm,但我的输出始终为空,这是我的代码:
void aes(){
unsigned char * aad = extochar("0841000CF635DFAB74F06D40A6A30090");
unsigned char * cipher = extochar("A52B1A6537FD99E79F49DABDCB2B297E096E0ACA95CF897D5099CBE43181C632DBE6BAAD8C15B0846839ADE68203C75DA7B5D415BA181105F8ADB199B707DFFE2944462948E775A7B946AFBACC7D90DA9831BEDC8961A3A49D3064EEFCABA0283ED4C55824B8BED8FCCFF2A0B4E9C86289BE3EEC3A4CE5BE1C95069CA97882E05EA211A0DD0EBF665E10CBE12B8ACBD1BAB390925FE9B5DFCB1A74EC897E220BF018DC3749A80C109976A72827DB407F491AC10D94FFF8DD0CC5738468E662CE32A5AD2A2B4FD37C50577B601E45C67199393C9B22CF4F4652E1B718FF5D2D614EA4B5CC10C954EEDFC2D3DA24E5A119E74697F708862ED5C499C7B42E55BF67C5B618E20A7EB5EB51B256825D70F38A51B0808034B4BE7A7C20CACC12CC5D8EF76E2859DF6A4089F6AC5DFB11FB49D994CDDB362340130D2BA31B0D880F4494C3E04B21C089A4B9204FB964A2080050C44E987000DE39326CDC69D95F83D47B60DA65DE0FC95271E1B082CC79B1F9E92ECE50C8FA2A9A922EC252770503310DED86ABC64C03FF0ED5EBBB2AD6CD8C997C6AA93C56D30B7C65B97F048CBC3196B338D121D10F4DE3F867EE21FCDB204EDD55867B3E3D3B703F");
//unsigned char * mic = extochar("8f3829e8e76ee23c04f566189e63c686");
int cipher_size = strlen("A52B1A6537FD99E79F49DABDCB2B297E096E0ACA95CF897D5099CBE43181C632DBE6BAAD8C15B0846839ADE68203C75DA7B5D415BA181105F8ADB199B707DFFE2944462948E775A7B946AFBACC7D90DA9831BEDC8961A3A49D3064EEFCABA0283ED4C55824B8BED8FCCFF2A0B4E9C86289BE3EEC3A4CE5BE1C95069CA97882E05EA211A0DD0EBF665E10CBE12B8ACBD1BAB390925FE9B5DFCB1A74EC897E220BF018DC3749A80C109976A72827DB407F491AC10D94FFF8DD0CC5738468E662CE32A5AD2A2B4FD37C50577B601E45C67199393C9B22CF4F4652E1B718FF5D2D614EA4B5CC10C954EEDFC2D3DA24E5A119E74697F708862ED5C499C7B42E55BF67C5B618E20A7EB5EB51B256825D70F38A51B0808034B4BE7A7C20CACC12CC5D8EF76E2859DF6A4089F6AC5DFB11FB49D994CDDB362340130D2BA31B0D880F4494C3E04B21C089A4B9204FB964A2080050C44E987000DE39326CDC69D95F83D47B60DA65DE0FC95271E1B082CC79B1F9E92ECE50C8FA2A9A922EC252770503310DED86ABC64C03FF0ED5EBBB2AD6CD8C997C6AA93C56D30B7C65B97F048CBC3196B338D121D10F4DE3F867EE21FCDB204EDD55867B3E3D3B703F")/2;
unsigned char * key = extochar("C7134FD10709F028D63C2E05CBB4C16C");
unsigned char * nonce = extochar("0074F06D40A6A3000000000011");
int nonce_size = strlen("0074F06D40A6A3000000000011")/2;
int aad_size = strlen("0841000CF635DFAB74F06D40A6A30090")/2;
unsigned char plain[cipher_size];
int mic_size = 8;
EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init(ctx);
// Just set the alg
EVP_DecryptInit(ctx, EVP_aes_128_ccm(), 0, 0);
// Set nonce size
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, nonce_size, 0);
// Set the tag from the end of the encrypted array
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, mic_size, cipher +sizeof(unsigned char)*(cipher_size -8));
// Set key and nonce
EVP_DecryptInit(ctx, 0, key, nonce);
int outl = 0;
// We will encrypt Psize bytes
EVP_DecryptUpdate(ctx, 0, &outl, 0, cipher_size);
// Add AAD for verification
EVP_DecryptUpdate(ctx, 0, &outl, aad, aad_size);
// Time to decrypt the data into D
EVP_DecryptUpdate(ctx, plain, &outl, cipher, cipher_size);
// Not sure if this is needed
EVP_DecryptFinal(ctx, &plain[outl], &outl);
int i;
printf("plaintext");
for(i=0; i<cipher_size; i++)
printf("%.2x",plain[i]);
printf("\n");
函数extochar如下:
char * extochar(char* string)
{
unsigned char * out = malloc(sizeof(unsigned char)*strlen(string)/2);
int i;
for (i = 0; i < strlen(string)/2; i++)
{
sscanf(&string[2*i], "%02x", (unsigned int *)(&out[i]));
}
return out;
}
明文应以
开头AA AA 03 00 00 00 08 00 45 00 01 A9 0F DC 40 00 40 06 E6 14 27 E9 64 63 D1 55 E5 BC 8F B4 14 6C
并且this link的最后一个测试向量起作用(我仅测试了那个,将EVP_aes_128_ccm()更改为EVP_aes_256_ccm(),将麦克风大小更改为16)
怎么了? 非常感谢你的建议!
答案 0 :(得分:0)
我已通过以下步骤实现了GCM解密。请看看它是否可以帮到你。
//Step 1: Set cipher.
retval = EVP_DecryptInit (ctx, EVP_aes_128_gcm(), (const unsigned char *)key, (const unsigned char *)iv);
if(retval <= 0) {
//Error
}
//Step 2: Set tag. Extract the tag from the message if required.
retval = EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_CCM_SET_TAG, taglen, (void *)tag);
if(retval <= 0) {
//Error
}
//Step 3: Add AAD.
retval = EVP_DecryptUpdate (ctx, NULL, (int *)&len, (const unsigned char *)add, (int)aadlen);
if(retval <= 0) {
//Error
}
//Step 4: Decrypt the data.
buflen = 0;
retval = EVP_DecryptUpdate (ctx, (unsigned char *)buf, (int *)&buflen, (const unsigned char *)inbuf, inbuflen);
if(retval <= 0) {
//Error
}
//This step is necessary
//If this step fails, means authentication fails.
retval = EVP_DecryptFinal(ctx, (unsigned char *)buf + buflen, (int *)&buflen);
if(retval <= 0) {
//Error and discard the decrypted data so far.
}
//Clean up.
EVP_CIPHER_CTX_cleanup (ctx);