MbedTLS AES GCM 関数を使用して暗号化と復号化を試みる C プログラムを以下に示します。暗号化は正常に実行されていますが、mbedtls_cipher_check_tag() で rc = -25344 (-0x6300) で復号化が異常終了しています。mbedtls_strerror は、その戻りコードに対して「最後のエラーは: -0x6300 - CIPHER - 認証に失敗しました (AEAD モードの場合)」を返します。
ドキュメントには mbedtls_cipher_finish() の後に配置するように記載されていますが、(コードに示されているように) 関数の場所を変更しようとしましたが、成功しませんでした。
私は何を間違っていますか、何か考えはありますか?? どんな助けも非常に価値があります。
前もって感謝します
ここにコード:
//#
//# AES 128 GCM - MbedTLS
//#
#include <mbedtls/cipher.h>
#include <mbedtls/gcm.h>
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include "etss.h"
#define PLAIN_SIZE 1024
#define CRYPT_SIZE 1032
key128 k;
iv16 iv;
aad16 aad;
tag16 tag;
int Decrypta (FILE * fInput, FILE * fOutput)
{
int conta = 0, rc = 0;
int nBytesWorked = 0, nGCMfinal = 0;
int nBytesRead = 0, nBytesWritten = 0;
int cIn = 0, cOut = 0, cWorked = 0;
unsigned char sPureBuff[PLAIN_SIZE] __attribute__((aligned(16))), sCiphBuff[CRYPT_SIZE] __attribute__((aligned(16)));
unsigned char *pPureBuff __attribute__((aligned(16)));
unsigned char *pCiphBuff __attribute__((aligned(16)));
unsigned char *pTag = tag.data;
pPureBuff = sPureBuff;
pCiphBuff = sCiphBuff;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init (&ctx);
rc = mbedtls_cipher_setup (&ctx, mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, k.size*8, MBEDTLS_MODE_GCM));
if ( rc != 0 )
{
printf ("Setup - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_setkey (&ctx, k.data, k.size*8, MBEDTLS_DECRYPT);
if ( rc != 0 )
{
printf ("Set Key - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_set_iv (&ctx, iv.data, iv.size);
if ( rc != 0 )
{
printf ("Set IV - Context preparation error (rc = %d). \n", rc);
return rc;
}
// rc = mbedtls_cipher_check_tag (&ctx, pTag, (size_t) tag.size);
//
// if ( rc != 0 )
// {
// printf ("Decryption - Error in check_tag() (rc=%d).\n",rc);
// return rc;
// }
rc = mbedtls_cipher_reset (&ctx);
if ( rc != 0 )
{
printf ("Reset - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_update_ad (&ctx, aad.data, aad.size);
if ( rc != 0 )
{
printf ("Set AAD - Context preparation error (rc = %d). \n", rc);
return rc;
}
memset(pCiphBuff, 0, CRYPT_SIZE);
memset(pPureBuff, 0, PLAIN_SIZE);
if ( (rc = ReadFile (fInput, &pCiphBuff, 1, CRYPT_SIZE, &nBytesRead)) )
{
printf ("Decryption - Input file reading error (rc = %d). \n", rc);
return rc;
}
while ( nBytesRead > 0 )
{
cIn += nBytesRead;
nBytesWorked = 0;
rc = mbedtls_cipher_update (&ctx, sCiphBuff, nBytesRead, sPureBuff, (size_t *) &nBytesWorked);
if ( rc != 0 )
{
printf ("Decryption - Error in DecryptUpdate() (rc = %d).\n", rc);
return rc;
}
cWorked += nBytesWorked;
// Count decryptions
conta++;
if ( nBytesWorked != 0 )
{
if ( (rc = WriteFile (fOutput, sPureBuff, 1, cWorked, &nBytesWritten)) )
{
printf ("Decryption - Output file writing error (rc = %d).\n", rc);
return rc;
}
pPureBuff = sPureBuff;
memset(pPureBuff, 0, PLAIN_SIZE);
cOut += nBytesWritten;
cWorked = 0;
}
if ( (rc = ReadFile (fInput, &pCiphBuff, 1, CRYPT_SIZE, &nBytesRead)) )
{
printf ("Decryption - Input file reading error (rc = %d). \n", rc);
return rc;
}
}
// rc = mbedtls_cipher_check_tag (&ctx, pTag, (size_t) tag.size);
//
// if ( rc != 0 )
// {
// printf ("Decryption - Error in check_tag() (rc=%d).\n",rc);
// return rc;
// }
pPureBuff += cWorked;
rc = mbedtls_cipher_finish (&ctx, pPureBuff, (size_t *) &nGCMfinal);
if ( rc != 0 )
{
printf ("Decryption - Error in DecryptFinal() (rc=%d).\n",rc);
return rc;
}
// Count decryptions
conta++;
rc = mbedtls_cipher_check_tag (&ctx, pTag, (size_t) tag.size);
if ( rc != 0 )
{
printf ("Decryption - Error in check_tag() (rc=%d).\n",rc);
return rc;
}
cWorked += nBytesWorked;
if ( (rc = WriteFile (fOutput, sPureBuff, 1, cWorked, &nBytesWritten)) )
{
printf ("Decryption - Output file writing error (rc = %d).\n", rc);
return rc;
}
cOut += nBytesWritten;
printf("\tD %d cIn = %d cOut = %d\n\n", conta, cIn, cOut);
mbedtls_cipher_free (&ctx);
return 0;
}
int Encrypta (FILE * fInput, FILE * fOutput)
{
int conta = 0, rc = 0;
int nBytesWorked = 0, nGCMfinal = 0;
int nBytesRead = 0, nBytesWritten = 0;
int cIn = 0, cOut = 0, cWorked = 0;
unsigned char sPureBuff[PLAIN_SIZE] __attribute__((aligned(16))), sCiphBuff[CRYPT_SIZE] __attribute__((aligned(16)));
unsigned char *pPureBuff __attribute__((aligned(16)));
unsigned char *pCiphBuff __attribute__((aligned(16)));
unsigned char *pTag = tag.data;
pPureBuff = sPureBuff;
pCiphBuff = sCiphBuff;
mbedtls_cipher_context_t ctx;
mbedtls_cipher_init (&ctx);
rc = mbedtls_cipher_setup (&ctx, mbedtls_cipher_info_from_values(MBEDTLS_CIPHER_ID_AES, k.size*8, MBEDTLS_MODE_GCM));
if ( rc != 0 )
{
printf ("Setup - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_setkey (&ctx, k.data, k.size*8, MBEDTLS_ENCRYPT);
if ( rc != 0 )
{
printf ("Set Key - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_set_iv (&ctx, iv.data, iv.size);
if ( rc != 0 )
{
printf ("Set IV - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_reset (&ctx);
if ( rc != 0 )
{
printf ("Reset - Context preparation error (rc = %d). \n", rc);
return rc;
}
rc = mbedtls_cipher_update_ad (&ctx, aad.data, aad.size);
if ( rc != 0 )
{
printf ("Set AAD - Context preparation error (rc = %d). \n", rc);
return rc;
}
memset(pPureBuff, 0, PLAIN_SIZE);
memset(pCiphBuff, 0, CRYPT_SIZE);
if ( (rc = ReadFile (fInput, &pPureBuff, 1, PLAIN_SIZE, &nBytesRead)) )
{
printf ("Encryption - Input file reading error (rc = %d). \n", rc);
return rc;
}
while ( nBytesRead > 0 )
{
cIn += nBytesRead;
pCiphBuff += cWorked;
rc = mbedtls_cipher_update (&ctx, sPureBuff, nBytesRead, sCiphBuff, (size_t *) &nBytesWorked);
if ( rc != 0 )
{
printf ("Encryption - Error in EncryptUpdate() (rc = %d).\n", rc);
return rc;
}
cWorked += nBytesWorked;
// Count encryptions
conta++;
if ( nBytesWorked != 0 )
{
if ( (rc = WriteFile (fOutput, sCiphBuff, 1, cWorked, &nBytesWritten)) )
{
printf ("Encryption - Output file writing error (rc = %d).\n", rc);
return rc;
}
pCiphBuff = sCiphBuff;
memset(pCiphBuff, 0, CRYPT_SIZE);
cOut += nBytesWritten;
cWorked = 0;
}
if ( (rc = ReadFile (fInput, &pPureBuff, 1, PLAIN_SIZE, &nBytesRead)) )
{
printf ("Encryption - Input file reading error (rc = %d). \n", rc);
return rc;
}
}
pCiphBuff += cWorked;
rc = mbedtls_cipher_finish (&ctx, pCiphBuff, (size_t *) &nGCMfinal);
if ( rc != 0 )
{
printf ("Encryption - Error in EncryptFinal() (rc=%d).\n",rc);
return rc;
}
// Count encryptions
conta++;
rc = mbedtls_cipher_write_tag (&ctx, pTag, (size_t) tag.size);
if ( rc != 0 )
{
printf ("Encryption - Error in write_tag() (rc=%d).\n",rc);
return rc;
}
cWorked += nBytesWorked;
if ( (rc = WriteFile (fOutput, sCiphBuff, 1, cWorked, &nBytesWritten)) )
{
printf ("Encryption - Output file writing error (rc = %d).\n", rc);
return rc;
}
cOut += nBytesWritten;
printf("\tE %d cIn = %d cOut = %d\n\n", conta, cIn, cOut);
mbedtls_cipher_free (&ctx);
return 0;
}
int main (int argc, char *argv[])
{
FILE *fPlain = NULL, *fEncrypt = NULL, *fDecrypt = NULL;
k.size = 16;
unsigned char inKey[16] = {0x9A, 0x59, 0x4E, 0xFA, 0x2C, 0x40, 0xBC, 0xC1, 0x2A, 0x05, 0x64, 0x43, 0xAC, 0x0C, 0xC1, 0xC2};
iv.size = 16;
unsigned char inIV[16] = {0x57, 0x1D, 0x32, 0xCE, 0x4F, 0x43, 0x17, 0x38, 0xE5, 0x52, 0x69, 0xE2, 0x18, 0xD1, 0x32, 0x09};
aad.size = 16; tag.size = 16;
unsigned char inAAD[16] = {0x9A, 0x1D, 0x4E, 0xCE, 0x2C, 0x43, 0xBC, 0x38, 0x2A, 0x52, 0x64, 0xE2, 0xAC, 0xD1, 0xC1, 0x09};
strncpy((char *) k.data, (const char *) inKey, k.size);
strncpy((char *) iv.data, (const char *) inIV, iv.size);
strncpy((char *) aad.data, (const char *) inAAD, aad.size);
int rc = 0;
if ( (rc = OpenFile (&fPlain, argv[1], "r")) )
{
printf ("GCM128-M - Open input plain text file %s error (rc = %d).\n", argv[1], rc);
return rc;
}
fEncrypt = fopen (argv[2], "wb+");
rc = errno;
if ( fEncrypt == NULL )
{
printf ("GCM128-M - Open output encrypt text file %s error (rc = %d).\n", argv[2], rc);
return rc;
}
printf("\n>> Encrypting AES GCM 128 ...\n\n");
Encrypta (fPlain, fEncrypt);
CloseFile(fPlain);
CloseFile(fEncrypt);
fEncrypt = fopen (argv[2], "rb+");
rc = errno;
if ( fEncrypt == NULL )
{
printf ("GCM128-M - Open input encrypt text file %s error (rc = %d).\n", argv[2], rc);
return rc;
}
if ( (rc = OpenFile (&fDecrypt, argv[3], "w")) )
{
printf ("GCM128-M - Open output decrypt text file %s error (rc = %d).\n", argv[3], rc);
return rc;
}
printf("\n>> Decrypting AES GCM 128 ...\n\n");
Decrypta (fEncrypt, fDecrypt);
CloseFile(fEncrypt);
CloseFile(fDecrypt);
return 0;
}
etss.h (Gilles の質問による) は次のとおりです。
#ifndef ETSS_H_
#define ETSS_H_
typedef struct st_key128 {
unsigned char data[16];
int size;
} key128;
typedef struct st_key192 {
unsigned char data[24];
int size;
} key192;
typedef struct st_key256 {
unsigned char data[32];
int size;
} key256;
typedef struct st_iv8 {
unsigned char data[8];
int size;
} iv8;
typedef struct st_iv16 {
unsigned char data[16];
int size;
} iv16;
typedef struct st_iv32 {
unsigned char data[32];
int size;
} iv32;
typedef struct st_aad8 {
unsigned char data[8];
int size;
} aad8;
typedef struct st_aad16 {
unsigned char data[16];
int size;
} aad16;
typedef struct st_aad32 {
unsigned char data[32];
int size;
} aad32;
typedef struct st_tag8 {
unsigned char data[8];
int size;
} tag8;
typedef struct st_tag16 {
unsigned char data[16];
int size;
} tag16;
int InitKey128(key128 * key);
int InitKey192(key192 * key);
int InitKey256(key256 * key);
int InitIV8(iv8 * iv);
int InitIV16(iv16 * iv);
int InitIV32(iv32 * iv);
int InitAAD8(aad8 * iv);
int InitAAD16(aad16 * iv);
int InitAAD32(aad32 * iv);
int InitTAG8(tag8 * iv);
int InitTAG16(tag16 * iv);
int SetKey128(key128 * key, char * keyValue);
int SetKey192(key192 * key, char * keyValue);
int SetKey256(key256 * key, char * keyValue);
int SetIV8(iv8 * iv, char * ivValue);
int SetIV16(iv16 * iv, char * ivValue);
int SetIV32(iv32 * iv, char * ivValue);
int SetAAD8(aad8 * aad, char * aadValue);
int SetAAD16(aad16 * aad, char * aadValue);
int SetAAD32(aad32 * aad, char * aadValue);
int SetTAG8(tag8 * tag, char * tagValue);
int SetTAG16(tag16 * tag, char * tagValue);
int OpenFile(FILE ** handler, char * name, char * mode);
int ReadFile(FILE * handler, unsigned char ** buffer, int regsize, int blocking, int * bytesread);
int WriteFile(FILE * handler, unsigned char * buffer, int regsize, int blocking, int * byteswritten);
int CloseFile(FILE * handler);
int DisplayChs(unsigned char * buffer, int size);
int PrintChs(FILE * handler, unsigned char * buffer, int size, int flag); // flag = 0 => don't DisplayChs
int DisplayNibbles(unsigned char * buffer, int size);
int DisplayHex(unsigned char * buffer, int size);
int PrintHex(FILE * handler, unsigned char * buffer, int size, int flag); // flag = 0 => don't DisplayHex
int Generate_Key128 (key128 *k) ;
int Generate_Key192 (key192 *k) ;
int Generate_Key256 (key256 *k) ;
int Generate_Nonce8 (iv8 *iv) ;
int Generate_Nonce16 (iv16 *iv) ;
int Generate_Nonce32 (iv32 *iv) ;
#endif /* ETSS_H_ */
16 進コードはここでは生成されず、手動で設定されていることに注意してください。
再度、感謝します。