下面显示的代码是带有CBC模式实现的AES。我对网络安全方面很陌生。我想知道如何在块上添加mac生成函数并使其成为cbc-mac
static void GenerateDecryptionKey(uint8_t *key)
{
CRYCONLbits.CRYON = 0b1; //Turn module on
CRYCONHbits.KEYSRC = 0b000; //Select the key source (CRYKEY)
CRYCONLbits.OPMOD = 0b0010; //Select the operational mode (AES Decryption Key Expansion)
CRYCONLbits.CPHRSEL = 0b1; //Select the cipher (AES)
//(AES decryption key generation)
CRYCONHbits.KEYMOD = 0b00; //Set the key strength (128-bit key)
memcpy((void *)&CRYKEY0, key, 16); //Load the key into CRYKEY
//(128-bit key in this example)
CRYCONLbits.CRYGO = 0b1; //Start the encryption
while (CRYCONLbits.CRYGO == 0b1)
;
}
// For 128-bit key and 128-bit block size
void EncryptBlocks(
CIPHER_MODE mode,
uint8_t *key,
uint8_t *iv,
uint8_t *plaintext,
uint8_t *ciphertext,
int numblocks)
{
CRYCONLbits.CRYON = 1; //Turn module on
CRYCONHbits.KEYSRC = 0b0000; //Select the key source (CRYKEY)
CRYCONLbits.OPMOD = 0b0000; //Select operational mode (Encryption)
CRYCONLbits.CPHRSEL = 1; //Select cipher engine (AES)
CRYCONLbits.CPHRMOD = 0b001 ; //Select encryption mode
CRYCONHbits.KEYMOD = 0; //Set key strength to 128-bit
memcpy((void*)&CRYKEY0, key, 16); //Load the 128-bit key into CRYKEY
memcpy((void*)&CRYTXTB0, iv, 16); //Load the 128-bit initial vector (IV)
int i;
for (i = 0; i < numblocks; i += 16) {
//Load the next plaintext block into CRYTXTA
memcpy((void*)&CRYTXTA0, plaintext+ i, 16);
//Start the encryption
CRYCONLbits.CRYGO = 0b1;
// Wait for completion
while (CRYCONLbits.CRYGO == 0b1)
;
//Read the results out of CRYTXTB
memcpy(ciphertext+i, (void*)&CRYTXTB0, 16);
}
}
// For 128-bit key and 128-bit block size
void DecryptBlocks(
CIPHER_MODE mode,
uint8_t *key,
uint8_t *ciphertext,
uint8_t *plaintext,
int numblocks)
{
GenerateDecryptionKey(key);
CRYCONLbits.CRYON = 1; //Turn module on
CRYCONHbits.KEYSRC = 0b0000; //Select the key source (CRYKEY)
CRYCONLbits.OPMOD = 0b0001; //Select operational mode (Decryption)
CRYCONLbits.CPHRSEL = 1; //Select cipher engine (AES)
CRYCONLbits.CPHRMOD = 0b001; //Select decryption mode (CBC)
CRYCONHbits.KEYMOD = 0; //Set key strength to 128-bit
int i;
for (i = 0; i < numblocks; i+= 16) {
//Load the next plaintext block into CRYTXTA
memcpy((void*)&CRYTXTA0, plaintext+i, 16);
//Start the encryption
CRYCONLbits.CRYGO = 0b1;
// Wait for completion
while (CRYCONLbits.CRYGO == 0b1)
;
//Read the results out of CRYTXTB
memcpy(ciphertext+i, (void*)&CRYTXTB0, 16);
}
}
部分测试代码如下所示
EncryptBlocks(mode, AES_KEY, 0, plaintext, ciphertext, numblocks);
//EncryptBlocks(mode, AES_KEY, 0, plaintext, ciphertext, numblocks);//iv=0; for ECB mode
//LED1 = 0;
printf("Encrypted block:");
for (i = 0; i < numblocks; i++) {
base = i*16;
printf("\n");
for (j = base; j < base+16; j++) {
printf(" %02X", ciphertext[j]);
last[0] = ciphertext[j];
}
}
printf("\n\n");
for (i = 0; i < 16; i++) {
iv[i] = 0;
}
for(i=0;i<sizeof(plaintext);i++)
plaintext[i] = 0;
DecryptBlocks(mode, AES_KEY, ciphertext, plaintext, numblocks);
printf("Decrypted block: ");
for (i = 0; i < numblocks; i++)
{
base = i*16;
printf("\n");
for (j = base; j < base+16; j++) {
printf(" %02X", plaintext[j]);
}
}
printf("\n");
}