1

openssl を使用して 8 バイトのマイクで aes 128 ccm を復号化する必要がありますが、出力は常に空です。これが私のコードです。

void aes(){
unsigned char * aad = extochar("0841000CF635DFAB74F06D40A6A30090");


unsigned char * cipher = extochar("A52B1A6537FD99E79F49DABDCB2B297E096E0ACA95CF897D5099CBE43181C632DBE6BAAD8C15B0846839ADE68203C75DA7B5D415BA181105F8ADB199B707DFFE2944462948E775A7B946AFBACC7D90DA9831BEDC8961A3A49D3064EEFCABA0283ED4C55824B8BED8FCCFF2A0B4E9C86289BE3EEC3A4CE5BE1C95069CA97882E05EA211A0DD0EBF665E10CBE12B8ACBD1BAB390925FE9B5DFCB1A74EC897E220BF018DC3749A80C109976A72827DB407F491AC10D94FFF8DD0CC5738468E662CE32A5AD2A2B4FD37C50577B601E45C67199393C9B22CF4F4652E1B718FF5D2D614EA4B5CC10C954EEDFC2D3DA24E5A119E74697F708862ED5C499C7B42E55BF67C5B618E20A7EB5EB51B256825D70F38A51B0808034B4BE7A7C20CACC12CC5D8EF76E2859DF6A4089F6AC5DFB11FB49D994CDDB362340130D2BA31B0D880F4494C3E04B21C089A4B9204FB964A2080050C44E987000DE39326CDC69D95F83D47B60DA65DE0FC95271E1B082CC79B1F9E92ECE50C8FA2A9A922EC252770503310DED86ABC64C03FF0ED5EBBB2AD6CD8C997C6AA93C56D30B7C65B97F048CBC3196B338D121D10F4DE3F867EE21FCDB204EDD55867B3E3D3B703F");
//unsigned char * mic = extochar("8f3829e8e76ee23c04f566189e63c686");
int cipher_size  = strlen("A52B1A6537FD99E79F49DABDCB2B297E096E0ACA95CF897D5099CBE43181C632DBE6BAAD8C15B0846839ADE68203C75DA7B5D415BA181105F8ADB199B707DFFE2944462948E775A7B946AFBACC7D90DA9831BEDC8961A3A49D3064EEFCABA0283ED4C55824B8BED8FCCFF2A0B4E9C86289BE3EEC3A4CE5BE1C95069CA97882E05EA211A0DD0EBF665E10CBE12B8ACBD1BAB390925FE9B5DFCB1A74EC897E220BF018DC3749A80C109976A72827DB407F491AC10D94FFF8DD0CC5738468E662CE32A5AD2A2B4FD37C50577B601E45C67199393C9B22CF4F4652E1B718FF5D2D614EA4B5CC10C954EEDFC2D3DA24E5A119E74697F708862ED5C499C7B42E55BF67C5B618E20A7EB5EB51B256825D70F38A51B0808034B4BE7A7C20CACC12CC5D8EF76E2859DF6A4089F6AC5DFB11FB49D994CDDB362340130D2BA31B0D880F4494C3E04B21C089A4B9204FB964A2080050C44E987000DE39326CDC69D95F83D47B60DA65DE0FC95271E1B082CC79B1F9E92ECE50C8FA2A9A922EC252770503310DED86ABC64C03FF0ED5EBBB2AD6CD8C997C6AA93C56D30B7C65B97F048CBC3196B338D121D10F4DE3F867EE21FCDB204EDD55867B3E3D3B703F")/2;
unsigned char * key = extochar("C7134FD10709F028D63C2E05CBB4C16C");
unsigned char * nonce = extochar("0074F06D40A6A3000000000011");
int nonce_size = strlen("0074F06D40A6A3000000000011")/2;

int aad_size = strlen("0841000CF635DFAB74F06D40A6A30090")/2;
unsigned char plain[cipher_size];
int mic_size = 8;

EVP_CIPHER_CTX* ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_init(ctx);

// Just set the alg
EVP_DecryptInit(ctx, EVP_aes_128_ccm(), 0, 0);

// Set nonce size
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_IVLEN, nonce_size, 0);

// Set the tag from the end of the encrypted array
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_TAG, mic_size, cipher +sizeof(unsigned char)*(cipher_size -8));

// Set key and nonce
EVP_DecryptInit(ctx, 0, key, nonce);

int outl = 0;
// We will encrypt Psize bytes
EVP_DecryptUpdate(ctx, 0, &outl, 0, cipher_size);

// Add AAD for verification
EVP_DecryptUpdate(ctx, 0, &outl, aad, aad_size);

// Time to decrypt the data into D
EVP_DecryptUpdate(ctx, plain, &outl, cipher, cipher_size);

// Not sure if this is needed
EVP_DecryptFinal(ctx, &plain[outl], &outl);


int i;
printf("plaintext");
for(i=0; i<cipher_size; i++)
    printf("%.2x",plain[i]);
printf("\n");

関数 extochar は次のとおりです。

char * extochar(char* string)
{
    unsigned char * out = malloc(sizeof(unsigned char)*strlen(string)/2);
    int i;
    for (i = 0; i < strlen(string)/2; i++)
    {
        sscanf(&string[2*i], "%02x", (unsigned int *)(&out[i]));
    }
    return out;
}

平文はで始まる必要があります 

AA AA 03 00 00 00 08 00 45 00 01 A9 0F DC 40 00 40 06 E6 14 27 E9 64 63 D1 55 E5 BC 8F B4 14 6C

そして、このリンクの最後のテストベクターが 機能します(EVP_aes_128_ccm()をEVP_aes_256_ccm()に変更し、マイクサイズを16に変更して、その1つだけをテストしました)

どうしたの?アドバイスありがとうございます!

4

1 に答える 1

0

次の手順で GCM 復号化を達成しました。それがあなたを助けることができるかどうか見てください。

//Step 1: Set cipher.
retval  = EVP_DecryptInit (ctx, EVP_aes_128_gcm(), (const unsigned char *)key, (const unsigned char *)iv);
if(retval <= 0) {
   //Error
}

//Step 2: Set tag. Extract the tag from the message if required.
retval  = EVP_CIPHER_CTX_ctrl (ctx, EVP_CTRL_CCM_SET_TAG, taglen, (void *)tag);
if(retval <= 0) {
    //Error
}

//Step 3: Add AAD.
retval  = EVP_DecryptUpdate (ctx, NULL, (int *)&len, (const unsigned char *)add, (int)aadlen);
if(retval <= 0) {
    //Error
}

//Step 4: Decrypt the data.
buflen = 0;
retval  = EVP_DecryptUpdate (ctx, (unsigned char *)buf, (int *)&buflen, (const unsigned char *)inbuf, inbuflen);
if(retval <= 0) {
    //Error
}


//This step is necessary
//If this step fails, means authentication fails.
retval  = EVP_DecryptFinal(ctx, (unsigned char *)buf + buflen, (int *)&buflen);
if(retval <= 0) {
  //Error and discard the decrypted data so far.
}


//Clean up.
EVP_CIPHER_CTX_cleanup (ctx);
于 2013-04-06T05:41:15.310 に答える