void set_encrypt_key(const unsigned char *key, KEY_SCHEDULE *ks)
void set_decrypt_key(const unsigned char *key, KEY_SCHEDULE *ks)
在这两个函数的基础上实现EVP_CIPHER中密钥初始化函数。
static int init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
{
if(!enc)
{
if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_OFB_MODE) enc = 1;
else if (EVP_CIPHER_CTX_mode(ctx) == EVP_CIPH_CFB_MODE) enc = 1;
}
if (enc)
set_encrypt_key(key,&(ctx->c. ks));
else
{
set_decrypt_key(key,&(ctx->c. ks));
}
return 1;
}
/* 清除保留在内存中的密码 */
static int clean_key(EVP_CIPHER_CTX *ctx)
{
if(ctx)
memset(&(ctx-c.ks),0,sizeof(ctx->c.ks));
return 1;
}
如果加密算法结构EVP_CIPHER是通过BLOCK_CIPHER_defs宏定义的,则四种模式的算法接口必须何处理宏之后的接口一样:
int cname_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl);
int cname_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl);
int cname_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl);
int cname_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, unsigned int inl);
二:四种加密模式的实现
四种加密模式与基本加解密算法之间的关系!
假设加密算法和解密算法的实现函数接口如下
void encrypt(const unsigned char *in, unsigned char *out, const KEY *key, int *length)
void decrypt(const unsigned char *in, unsigned char *out, const KEY *key, int *length)
void ecb_ encrypt(const unsigned char *in, unsigned char *out,
long length, const KEY *key, unsigned char *iv, int enc)
{/* 电子密码本: Electronic Code Book */
register int i;
int len = 8;
register long l = length;
unsigned char buf[8];
if(enc)/*encryption*/
{
for(i=0;i<=l;i+=8)
{
encrypt(&in[i], &out[i], key, &len);/*len == 8 will always be true here*/
}
else
{
for(i=0;i<=l;i+=8)
{
decrypt(&in[i], &out[i], key, &len);/*len == 8 will always be true here*/
}
}
}
void cbc_encrypt(const unsigned char *in, unsigned char *out,
long length, const KEY *key, unsigned char *iv, int enc)
{/* 密钥分组连接模式 */
register int i;
int len = 8;
register long l = length;
unsigned char buf[8];
if(enc)/*encryption*/
{
for(l-=8; l>=0; l-=8, in+=8, out+=8)
{
for(i=0; i<8;>
buf[i] = in[i] ^ iv[i];
encrypt(buf, iv, key, &len);/*len == 8 will always be true here*/
for(i=0; i<8;>
out[i] = iv[i];
}
/*final block*/
if(l != -8)
{
for(i=0; i
buf[i] = in[i] ^ iv[i];
for(; i<8;>
buf[i] = iv[i];
encrypt(buf, iv, key, &len);/*len == 8 here*/
for(i=0; i<8;>
out[i] = iv[i];
}
/* 加密输出为做下一次得iv ,iv与in异或运算的结果作为加密输入*/
}
else/*decryption*/
{
for(l-=8; l>=0; l-=8, in+=8, out +=8)
{
decrypt(in, buf, key, &len);
for(i=0; i<8;>
out[i] = buf[i] ^ iv[i];
for(i=0; i<8;>
iv[i] = in[i];
}
/*final block*/
if(l != -8)
{
decrypt(in, buf, key, &len);
for(i=0; i
out[i] = buf[i] ^ iv[i];
for(i=0; i<8;>
iv[i] = in[i];
}
}
l = 0;
i = 0;
}
void cfb64_encrypt(const unsigned char *in, unsigned char *out,
long length, const KEY *key, unsigned char *iv, int *num, int enc)
{/* 密码反馈模式 */
register long l = length;
unsigned char buf[8];
register int i, save = 0, n = *num;/*start from previously saved processing position*/
int len = 8;
/*restore from previously saved iv*/
for(i=n; i<8;>
buf[i] = iv[i];
if(enc)
{
while(l--)
{
if(n == 0)
{
encrypt(iv, buf, key, &len);
save = 1;
}
*(out++) = iv[n] = *(in++) ^ buf[n];
n = (n+1)&0x07;
}
}
else
{
while(l--)
{
if(n == 0)
{
encrypt(iv, buf, key, &len);
save = 1;
}
*(out++) = (iv[n]=*(in++)) ^ buf[n];
n = (n+1)&0x07;
}
}
if(save)/*store encrypted data into iv for next encryption*/
for(i=n; i<8;>
iv[i] = buf[i];
/* cfb加密输出得结果作为下次得IV, in与加密IV的结果作异或运算的结果作为cfb加密的输出 */
OpenSSL对称加密算法中如何添加新算法(3)
内容版权声明:除非注明,否则皆为本站原创文章。