3

我试图了解 openSSL 加密库中以下函数的参数。

void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
    size_t length, const AES_KEY *key,
    unsigned char ivec[AES_BLOCK_SIZE],
    unsigned char ecount_buf[AES_BLOCK_SIZE],
    unsigned int *num);

通过研究这里给出的建议,我能够弄清楚:

*in - is the buffer in.
*out - is the buffer out.
length - is the the length of the *in buffer.
*key - is the private key.
ivec[0-7] - is the random IV
ivec[8-15] - is the counter thats incremented for every block that's encrypted.

我不确定ecount_bufnum参数。

我看到它num设置为length % AES_BLOCK_SIZE通话返回后。

任何指向ecount_buf参数用途的指针?

4

1 回答 1

1

如果您查看从此处获取的实现代码:

/* The input encrypted as though 128bit counter mode is being
 * used.  The extra state information to record how much of the
 * 128bit block we have used is contained in *num, and the
 * encrypted counter is kept in ecount_buf.  Both *num and
 * ecount_buf must be initialised with zeros before the first
 * call to AES_ctr128_encrypt().
 */
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
    const unsigned long length, const AES_KEY *key,
    unsigned char counter[AES_BLOCK_SIZE],
    unsigned char ecount_buf[AES_BLOCK_SIZE],
    unsigned int *num) {

    unsigned int n;
    unsigned long l=length;

    assert(in && out && key && counter && num);
    assert(*num < AES_BLOCK_SIZE);

    n = *num;

    while (l--) {
        if (n == 0) {
            AES_encrypt(counter, ecount_buf, key);
            AES_ctr128_inc(counter);
        }
        *(out++) = *(in++) ^ ecount_buf[n];
        n = (n+1) % AES_BLOCK_SIZE;
    }

    *num=n;
}

你可以推断它是一个用于保存加密计数器中间缓冲区。num以总块大小中使用的字节数的形式保存状态信息(在我们可能为了链接额外数据而进行的后续调用的情况下)。

于 2016-07-07T21:23:03.743 回答