AES_XCBC算法的实现

时间:2019-09-10 22:25:12

标签: c++ algorithm openssl cryptography ipsec

我正在尝试在基于C ++的应用程序中包括不同的IPSec算法。为此,我想使用此处描述的AES-XCBC算法:http://www.faqs.org/rfcs/rfc3566.html

我查看了OpenSSL的API,但没有找到适合AES-XCBC的API,例如OpenSSL Wiki中描述的AES_GCM的API:https://www.openssl.org/docs/man1.1.0/man3/EVP_EncryptInit_ex.html

但是能够从OpenSwan库中找到此测试程序:https://github.com/xelerance/Openswan/blob/6055fc6fa444f3d5b89ad0f7d3ec277eedaa9282/lib/libcrypto/libaes/test_main_mac.c

我修改了程序以使用RFC 3566中算法描述链接中的第二个测试向量,例如:

 Key (K)        : 000102030405060708090a0b0c0d0e0f

 Message (M)    : 000102

 AES-XCBC-MAC   : 5b376580ae2f19afe7219ceef172756f

#include <stdio.h>
#include <sys/types.h>
#include <string.h>
#include "aes.h"
#include "aes_xcbc_mac.h"
#define STR "Hola guasssso c|mo estais ...012"  
void print_hash(const u_int8_t *hash) {
        printf("%08x %08x %08x %08x\n",
                        *(u_int32_t*)(&hash[0]),
                        *(u_int32_t*)(&hash[4]),
                        *(u_int32_t*)(&hash[8]),
                        *(u_int32_t*)(&hash[12]));
}
int main(int argc, char *argv[]) {
        aes_block key= { 0x00010203, 0x04050607, 0x08090a0b, 0x0c0d0e0f };
        u_int8_t  hash[16];
        unsigned char str[3] = {0x00, 0x01, 0x02};
        aes_context_mac ctx;
        AES_xcbc_mac_set_key(&ctx, (u_int8_t *)&key, sizeof(key));
        AES_xcbc_mac_hash(&ctx, (u_int8_t *) &str, sizeof(str), hash);
        print_has(hash);
        str[2]='x';
        AES_xcbc_mac_hash(&ctx,(u_int8_t *) &str, sizeof(str), hash);
        print_hash(hash);
        return 0;
}

为上述输入打印的输出为:

  

b176b661 d551b66f 64889d60 18e71c76

这与RFC 3566中的预期mac不同。我是否正确使用了API?该算法有参考实现吗?

1 个答案:

答案 0 :(得分:0)

另一个库libtomcrypt确实具有AES_XCBC的实现。可以修改程序以使用libtomcrypt形式的xcbc_memory函数,并且测试program

#include <stdio.h>
#include <sys/types.h>
#include <string.h>
#include <tomcrypt.h> 
#define STR "Hola guasssso c|mo estais ...012"  
void print_hash(const u_int8_t *hash) {
        printf("%08x %08x %08x %08x\n",
                        *(u_int32_t*)(&hash[0]),
                        *(u_int32_t*)(&hash[4]),
                        *(u_int32_t*)(&hash[8]),
                        *(u_int32_t*)(&hash[12]));
}
int main(int argc, char *argv[]) {
        uint8_t key[16]= { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 
                           0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f  };
        uint8_t hash[16];
        int idx,err;
        unsigned char str[3] = {0x00, 0x01, 0x02};
        unsigned long taglen = 16;
        register_cipher( & aes_desc); 
        if ((idx = find_cipher("aes")) == -1) {
           if ((idx = find_cipher("rijndael")) == -1) {
             printf("idx:%d\n",idx);
             return CRYPT_NOP;
         }
        }
        if ((err = xcbc_memory(idx, key, 16, str, 3,hash, &taglen)) != CRYPT_OK) {
          printf("err:%d\n",idx);
          return err;
       }

        print_has(hash);
        str[2]='x';
        if ((err = xcbc_memory(idx, key, 16, str, 3,hash, &taglen)) != CRYPT_OK) {
          printf("err:%d\n",idx);
          return err;
        }
        print_hash(hash);
        return 0;
}
相关问题
最新问题