openssl学习之ccmgcm模式
openssl中添加了对AESccm和gcm模式的支持。
下面的内容主要是对这两个模式相关资料的收集以及整理。
一,CCM
CCM(Counter with CBC-MAC)定义于分组长度为 128 位的分组加密算法之上,例如 AES 的分组长度就是 128 位。
AES-CCM 算法由两部分组成:CTR 工作模式(用于加密)以及 CBC-MAC 认证算法(用于认证)。
Wi-Fi 的 WPA2 协议(CCMP)中使用了 AES-CCM。
在HMAC中我们介绍CCM是属于一种E&M(认证并且加密),首先我们来看一下AES-CCM模式的输入输出。
首先介绍两个参数设置:
L:
长度域,取值为2~8,openssl中缺省的为8。
M:
tag 的长度,合法的值为 4、6、8、10、12、14 和 16,openssl 中缺省为 12。
各输入参数及其长度(字节):
- key:16、24 或 32
- Nonce:15-L
- Message to authenticate and encrypt:len(Msg)
- Additional authenticated data:len(AAD)
其中对消息长度有:
0<=len(Msg)<=2^(8L);
对附加数据长度有:
0<=len(AAD)<2^64;
1./* Simple AES CCM test program, uses the same NIST data used for the FIPS
2. * self test but uses the application level EVP APIs.
3. */
#include <stdio.h>
#include <openssl/bio.h>
#include <openssl/evp.h>
7.
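/*
 * AES-CCM test data from NIST public test vectors.
 *
 * These are fixed, published values used only as a known-answer test.
 * They must not be reused as real key material.
 */

/* AES-192 key (24 bytes). */
static const unsigned char ccm_key[] = {
    0xce,0xb0,0x09,0xae,0xa4,0x45,0x44,0x51,0xfe,0xad,0xf0,0xe6,
    0xb3,0x6f,0x45,0x55,0x5d,0xd0,0x47,0x23,0xba,0xa4,0x48,0xe8
};

/*
 * Nonce (7 bytes, i.e. 15 - L with L = 8).
 * Every encryption under the same key must use a different nonce;
 * otherwise the security of CCM mode is broken (RFC 3610).
 * A constant nonce is acceptable here only because this is a fixed
 * test vector; production code must never hard-code or repeat one.
 */
static const unsigned char ccm_nonce[] = {
    0x76,0x40,0x43,0xc4,0x94,0x60,0xb7
};

/* Additional authenticated data (authenticated, not encrypted). */
static const unsigned char ccm_adata[] = {
    0x6e,0x80,0xdd,0x7f,0x1b,0xad,0xf3,0xa1,0xc9,0xab,0x25,0xc7,
    0x5f,0x10,0xbd,0xe7,0x8c,0x23,0xfa,0x0e,0xb8,0xf9,0xaa,0xa5,
    0x3a,0xde,0xfb,0xf4,0xcb,0xf7,0x8f,0xe4
};

/* Plaintext. */
static const unsigned char ccm_pt[] = {
    0xc8,0xd2,0x75,0xf9,0x19,0xe1,0x7d,0x7f,0xe6,0x9c,0x2a,0x1f,
    0x58,0x93,0x9d,0xfe,0x4d,0x40,0x37,0x91,0xb5,0xdf,0x13,0x10
};

/* Expected ciphertext. */
static const unsigned char ccm_ct[] = {
    0x8a,0x0f,0x3d,0x82,0x29,0xe4,0x8e,0x74,0x87,0xfd,0x95,0xa2,
    0x8a,0xd3,0x92,0xc8,0x0b,0x36,0x81,0xd4,0xfb,0xc7,0xbb,0xfd
};

/* Expected authentication tag (16 bytes). */
static const unsigned char ccm_tag[] = {
    0x2d,0xd6,0xef,0x1c,0x45,0xd4,0xcc,0xb7,0x23,0xdc,0x07,0x44,
    0x14,0xdb,0x50,0x6d
};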
39.
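/*
 * Known-answer demo: encrypt ccm_pt with AES-192-CCM through the EVP API
 * and dump the plaintext, ciphertext and tag to stdout.
 *
 * Reads the file-level test vectors ccm_key, ccm_nonce, ccm_adata, ccm_pt
 * and ccm_tag (the last one only for its length). Every EVP call is
 * checked; on the first failure a message is written to stderr and the
 * context is released.
 *
 * The key and nonce are fixed test data. Real callers must supply a nonce
 * that is never repeated under the same key.
 */
void aes_ccm_encrypt(void)
{
    EVP_CIPHER_CTX *ctx;
    int outlen, tmplen;
    int ok = 0;
    unsigned char outbuf[1024];

    printf("AES CCM Encrypt:\n");
    printf("Plaintext:\n");
    BIO_dump_fp(stdout, ccm_pt, sizeof(ccm_pt));

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
        fprintf(stderr, "AES CCM encrypt: EVP_CIPHER_CTX_new failed.\n");
        return;
    }

    /* Set cipher type and mode */
    if (EVP_EncryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL) != 1) {
        goto done;
    }
    /* Set nonce length (15 - L bytes); set explicitly, before the key/IV */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN,
                            (int)sizeof(ccm_nonce), NULL) != 1) {
        goto done;
    }
    /* Set tag length; NULL pointer because no tag value exists yet */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
                            (int)sizeof(ccm_tag), NULL) != 1) {
        goto done;
    }
    /* Initialise key and IV */
    if (EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce) != 1) {
        goto done;
    }
    /*
     * Set plaintext length: only needed if AAD is used.
     * Both the input and output pointers must be NULL for this call.
     */
    if (EVP_EncryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_pt)) != 1) {
        goto done;
    }
    /* Zero or one call to specify any AAD; the out pointer must be NULL */
    if (EVP_EncryptUpdate(ctx, NULL, &outlen,
                          ccm_adata, sizeof(ccm_adata)) != 1) {
        goto done;
    }
    /* Encrypt plaintext: can only be called once */
    if (EVP_EncryptUpdate(ctx, outbuf, &outlen,
                          ccm_pt, sizeof(ccm_pt)) != 1) {
        goto done;
    }
    /* Output encrypted block */
    printf("Ciphertext:\n");
    BIO_dump_fp(stdout, outbuf, outlen);

    /* Finalise: note get no output for CCM */
    if (EVP_EncryptFinal_ex(ctx, outbuf, &tmplen) != 1) {
        goto done;
    }
    /* Get tag; the length matches the one requested with SET_TAG above */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG,
                            (int)sizeof(ccm_tag), outbuf) != 1) {
        goto done;
    }
    /* Output tag */
    printf("Tag:\n");
    BIO_dump_fp(stdout, outbuf, (int)sizeof(ccm_tag));
    ok = 1;

done:
    if (!ok) {
        fprintf(stderr, "AES CCM encrypt: an EVP call failed.\n");
    }
    EVP_CIPHER_CTX_free(ctx);
}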
77.
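/*
 * Known-answer demo: decrypt ccm_ct with AES-192-CCM through the EVP API,
 * verify it against ccm_tag, and dump the recovered plaintext to stdout.
 *
 * Reads the file-level test vectors ccm_key, ccm_nonce, ccm_adata, ccm_ct
 * and ccm_tag. Set-up calls are checked and reported on stderr. The
 * plaintext is printed only when the decrypting EVP_DecryptUpdate call
 * reports success, which for CCM is where the tag is verified; the
 * contents of outbuf must not be used otherwise.
 */
void aes_ccm_decrypt(void)
{
    EVP_CIPHER_CTX *ctx;
    int outlen, rv;
    unsigned char outbuf[1024];

    printf("AES CCM Derypt:\n");
    printf("Ciphertext:\n");
    BIO_dump_fp(stdout, ccm_ct, sizeof(ccm_ct));

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
        fprintf(stderr, "AES CCM decrypt: EVP_CIPHER_CTX_new failed.\n");
        return;
    }

    /* Select cipher */
    if (EVP_DecryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL) != 1) {
        goto setup_failed;
    }
    /* Set nonce length (15 - L bytes); set explicitly, before the key/IV */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN,
                            (int)sizeof(ccm_nonce), NULL) != 1) {
        goto setup_failed;
    }
    /*
     * Set expected tag value. The cast only drops const because the ctrl
     * prototype takes a non-const void *.
     */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
                            (int)sizeof(ccm_tag), (void *)ccm_tag) != 1) {
        goto setup_failed;
    }
    /* Specify key and IV */
    if (EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce) != 1) {
        goto setup_failed;
    }
    /* Set ciphertext length: only needed if we have AAD */
    if (EVP_DecryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_ct)) != 1) {
        goto setup_failed;
    }
    /* Zero or one call to specify any AAD */
    if (EVP_DecryptUpdate(ctx, NULL, &outlen,
                          ccm_adata, sizeof(ccm_adata)) != 1) {
        goto setup_failed;
    }

    /* Decrypt plaintext, verify tag: can only be called once */
    rv = EVP_DecryptUpdate(ctx, outbuf, &outlen, ccm_ct, sizeof(ccm_ct));
    /* Output decrypted block: if tag verify failed we get nothing */
    if (rv > 0) {
        printf("Plaintext:\n");
        BIO_dump_fp(stdout, outbuf, outlen);
    } else {
        printf("Plaintext not available: tag verify failed.\n");
    }
    EVP_CIPHER_CTX_free(ctx);
    return;

setup_failed:
    fprintf(stderr, "AES CCM decrypt: an EVP set-up call failed.\n");
    EVP_CIPHER_CTX_free(ctx);
}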
112.
/*
 * Program entry point: run the AES-CCM encryption demo, then the
 * decryption demo. Command-line arguments are not used.
 */
int main(int argc, char **argv)
{
    (void)argc;
    (void)argv;

    aes_ccm_encrypt();
    aes_ccm_decrypt();
    return 0;
}
1./* Simple AES CCM test program, uses the same NIST data used for the FIPS
2. * self test but uses the application level EVP APIs.
3. */
4.#include
5.#include
6.#include
7.
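/*
 * AES-CCM test data from NIST public test vectors.
 *
 * These are fixed, published values used only as a known-answer test.
 * They must not be reused as real key material.
 */

/* AES-192 key (24 bytes). */
static const unsigned char ccm_key[] = {
    0xce,0xb0,0x09,0xae,0xa4,0x45,0x44,0x51,0xfe,0xad,0xf0,0xe6,
    0xb3,0x6f,0x45,0x55,0x5d,0xd0,0x47,0x23,0xba,0xa4,0x48,0xe8
};

/*
 * Nonce (7 bytes, i.e. 15 - L with L = 8).
 * Every encryption under the same key must use a different nonce;
 * otherwise the security of CCM mode is broken (RFC 3610).
 * A constant nonce is acceptable here only because this is a fixed
 * test vector; production code must never hard-code or repeat one.
 */
static const unsigned char ccm_nonce[] = {
    0x76,0x40,0x43,0xc4,0x94,0x60,0xb7
};

/* Additional authenticated data (authenticated, not encrypted). */
static const unsigned char ccm_adata[] = {
    0x6e,0x80,0xdd,0x7f,0x1b,0xad,0xf3,0xa1,0xc9,0xab,0x25,0xc7,
    0x5f,0x10,0xbd,0xe7,0x8c,0x23,0xfa,0x0e,0xb8,0xf9,0xaa,0xa5,
    0x3a,0xde,0xfb,0xf4,0xcb,0xf7,0x8f,0xe4
};

/* Plaintext. */
static const unsigned char ccm_pt[] = {
    0xc8,0xd2,0x75,0xf9,0x19,0xe1,0x7d,0x7f,0xe6,0x9c,0x2a,0x1f,
    0x58,0x93,0x9d,0xfe,0x4d,0x40,0x37,0x91,0xb5,0xdf,0x13,0x10
};

/* Expected ciphertext. */
static const unsigned char ccm_ct[] = {
    0x8a,0x0f,0x3d,0x82,0x29,0xe4,0x8e,0x74,0x87,0xfd,0x95,0xa2,
    0x8a,0xd3,0x92,0xc8,0x0b,0x36,0x81,0xd4,0xfb,0xc7,0xbb,0xfd
};

/* Expected authentication tag (16 bytes). */
static const unsigned char ccm_tag[] = {
    0x2d,0xd6,0xef,0x1c,0x45,0xd4,0xcc,0xb7,0x23,0xdc,0x07,0x44,
    0x14,0xdb,0x50,0x6d
};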
39.
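/*
 * Known-answer demo: encrypt ccm_pt with AES-192-CCM through the EVP API
 * and dump the plaintext, ciphertext and tag to stdout.
 *
 * Reads the file-level test vectors ccm_key, ccm_nonce, ccm_adata, ccm_pt
 * and ccm_tag (the last one only for its length). Every EVP call is
 * checked; on the first failure a message is written to stderr and the
 * context is released.
 *
 * The key and nonce are fixed test data. Real callers must supply a nonce
 * that is never repeated under the same key.
 */
void aes_ccm_encrypt(void)
{
    EVP_CIPHER_CTX *ctx;
    int outlen, tmplen;
    int ok = 0;
    unsigned char outbuf[1024];

    printf("AES CCM Encrypt:\n");
    printf("Plaintext:\n");
    BIO_dump_fp(stdout, ccm_pt, sizeof(ccm_pt));

    ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
        fprintf(stderr, "AES CCM encrypt: EVP_CIPHER_CTX_new failed.\n");
        return;
    }

    /* Set cipher type and mode */
    if (EVP_EncryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL) != 1) {
        goto done;
    }
    /* Set nonce length (15 - L bytes); set explicitly, before the key/IV */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN,
                            (int)sizeof(ccm_nonce), NULL) != 1) {
        goto done;
    }
    /* Set tag length; NULL pointer because no tag value exists yet */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
                            (int)sizeof(ccm_tag), NULL) != 1) {
        goto done;
    }
    /* Initialise key and IV */
    if (EVP_EncryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce) != 1) {
        goto done;
    }
    /*
     * Set plaintext length: only needed if AAD is used.
     * Both the input and output pointers must be NULL for this call.
     */
    if (EVP_EncryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_pt)) != 1) {
        goto done;
    }
    /* Zero or one call to specify any AAD; the out pointer must be NULL */
    if (EVP_EncryptUpdate(ctx, NULL, &outlen,
                          ccm_adata, sizeof(ccm_adata)) != 1) {
        goto done;
    }
    /* Encrypt plaintext: can only be called once */
    if (EVP_EncryptUpdate(ctx, outbuf, &outlen,
                          ccm_pt, sizeof(ccm_pt)) != 1) {
        goto done;
    }
    /* Output encrypted block */
    printf("Ciphertext:\n");
    BIO_dump_fp(stdout, outbuf, outlen);

    /* Finalise: note get no output for CCM */
    if (EVP_EncryptFinal_ex(ctx, outbuf, &tmplen) != 1) {
        goto done;
    }
    /* Get tag; the length matches the one requested with SET_TAG above */
    if (EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_GET_TAG,
                            (int)sizeof(ccm_tag), outbuf) != 1) {
        goto done;
    }
    /* Output tag */
    printf("Tag:\n");
    BIO_dump_fp(stdout, outbuf, (int)sizeof(ccm_tag));
    ok = 1;

done:
    if (!ok) {
        fprintf(stderr, "AES CCM encrypt: an EVP call failed.\n");
    }
    EVP_CIPHER_CTX_free(ctx);
}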
77.
78.void aes_ccm_decrypt(void)
79.{
80. EVP_CIPHER_CTX *ctx;
81. int outlen, tmplen, rv;
82. unsigned char outbuf[1024];
83. printf("AES CCM Derypt:
\n");
84. printf("Ciphertext:
\n");
85. BIO_dump_fp(stdout, ccm_ct, sizeof(ccm_ct));
86. ctx = EVP_CIPHER_CTX_new();
87. /* Select cipher */
88. EVP_DecryptInit_ex(ctx, EVP_aes_192_ccm(), NULL, NULL, NULL);
89. /* Set nonce length, omit for 96 bits */
90. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, sizeof(ccm_nonce), NULL);
91. /* Set expected tag value */
92. EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG,
93. sizeof(ccm_tag), (void *)ccm_tag);
94. /* Specify key and IV */
95. EVP_DecryptInit_ex(ctx, NULL, NULL, ccm_key, ccm_nonce);
96. /* Set ciphertext length:
only needed if we have AAD */
97. EVP_DecryptUpdate(ctx, NULL, &outlen, NULL, sizeof(ccm_ct));
98.