我试图了解openSSL加密库中以下函数的参数。
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
size_t length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);
通过处理here给出的建议,我能够弄明白:
*in - is the buffer in.
*out - is the buffer out.
length - is the the length of the *in buffer.
*key - is the private key.
ivec[0-7] - is the random IV
ivec[8-15] - is the counter thats incremented for every block that's encrypted.
我不确定
ecount_buf和num参数。
我看到呼叫返回后num设置为length % AES_BLOCK_SIZE。
指向
ecount_buf参数的指针是什么?
答案 0 :(得分:1)
如果您查看从here获取的实施代码:
/* The input encrypted as though 128bit counter mode is being
* used. The extra state information to record how much of the
* 128bit block we have used is contained in *num, and the
* encrypted counter is kept in ecount_buf. Both *num and
* ecount_buf must be initialised with zeros before the first
* call to AES_ctr128_encrypt().
*/
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char counter[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num) {
unsigned int n;
unsigned long l=length;
assert(in && out && key && counter && num);
assert(*num < AES_BLOCK_SIZE);
n = *num;
while (l--) {
if (n == 0) {
AES_encrypt(counter, ecount_buf, key);
AES_ctr128_inc(counter);
}
*(out++) = *(in++) ^ ecount_buf[n];
n = (n+1) % AES_BLOCK_SIZE;
}
*num=n;
}
您可以推断出它是一个中间缓冲区,用于保存 e 加密计数 er。 num以总块大小中使用的字节数的形式保存状态信息(在我们可能为了链接额外数据而进行的后续调用的情况下)。