試圖瞭解Brian Gladman博士的AES-CTR實現。 (http://gladman.plushost.co.uk/oldsite/AES/aes-src-12-09-11.zip aes_modes.c line 849以上) 我讀到了CTR算法,但是這個實現讓我感到疑惑。 我無法看到它與CTR模式算法的匹配程度。在Gladman的AES-CTR實現中,什麼是if(b_pos)代碼段?
什麼是if(b_pos)代碼段?
此外,我不理解所述條件 B_POS < AES_BLOCK_SIZE & & len個
由於(AES_BLOCK_SIZE & & LEN)將始終是1,而LEN> 0 AES_BLOCK_SIZE是16.
if(b_pos)
{
memcpy(buf, cbuf, AES_BLOCK_SIZE);
if(aes_ecb_encrypt(buf, buf, AES_BLOCK_SIZE, ctx) != EXIT_SUCCESS)
return EXIT_FAILURE;
while(b_pos < AES_BLOCK_SIZE && len)
{
*obuf++ = *ibuf++^buf[b_pos++];
--len;
}
if(len)
ctr_inc(cbuf), b_pos = 0;
}
AES_RETURN aes_ctr_crypt(const unsigned char *ibuf, unsigned char *obuf,
int len, unsigned char *cbuf, cbuf_inc ctr_inc, aes_encrypt_ctx ctx[1])
{ unsigned char *ip;
int i, blen, b_pos = (int)(ctx->inf.b[2]);
uint_8t buf[BFR_LENGTH];
if(b_pos)
{
memcpy(buf, cbuf, AES_BLOCK_SIZE);
if(aes_ecb_encrypt(buf, buf, AES_BLOCK_SIZE, ctx) != EXIT_SUCCESS)
return EXIT_FAILURE;
while(b_pos < AES_BLOCK_SIZE && len)
{
*obuf++ = *ibuf++^buf[b_pos++];
--len;
}
if(len)
ctr_inc(cbuf), b_pos = 0;
}
while(len)
{
blen = (len > BFR_LENGTH ? BFR_LENGTH : len), len -= blen;
for(i = 0, ip = buf; i < (blen >> 4); ++i)
{
memcpy(ip, cbuf, AES_BLOCK_SIZE);
ctr_inc(cbuf);
ip += AES_BLOCK_SIZE;
}
if(blen & (AES_BLOCK_SIZE - 1))
memcpy(ip, cbuf, AES_BLOCK_SIZE), i++;
if(aes_ecb_encrypt(buf, buf, i * AES_BLOCK_SIZE, ctx) != EXIT_SUCCESS)
return EXIT_FAILURE;
i = 0; ip = buf;
while(i + AES_BLOCK_SIZE <= blen)
{
obuf[ 0] = ibuf[ 0]^ip[ 0]; obuf[ 1] = ibuf[ 1]^ip[ 1];
obuf[ 2] = ibuf[ 2]^ip[ 2]; obuf[ 3] = ibuf[ 3]^ip[ 3];
obuf[ 4] = ibuf[ 4]^ip[ 4]; obuf[ 5] = ibuf[ 5]^ip[ 5];
obuf[ 6] = ibuf[ 6]^ip[ 6]; obuf[ 7] = ibuf[ 7]^ip[ 7];
obuf[ 8] = ibuf[ 8]^ip[ 8]; obuf[ 9] = ibuf[ 9]^ip[ 9];
obuf[10] = ibuf[10]^ip[10]; obuf[11] = ibuf[11]^ip[11];
obuf[12] = ibuf[12]^ip[12]; obuf[13] = ibuf[13]^ip[13];
obuf[14] = ibuf[14]^ip[14]; obuf[15] = ibuf[15]^ip[15];
i += AES_BLOCK_SIZE;
ip += AES_BLOCK_SIZE;
ibuf += AES_BLOCK_SIZE;
obuf += AES_BLOCK_SIZE;
}
while(i++ < blen)
*obuf++ = *ibuf++^ip[b_pos++];
}
ctx->inf.b[2] = (uint_8t)b_pos;
return EXIT_SUCCESS;
}
優秀的解釋!計數器初始化在哪裏? IV應該被髮送給接收方,以便他們可以使用它來解密消息。據我所知,它通常是用密文發送的。這將如何發送到這裏? – likejiujitsu
我認爲這取決於你的應用程序分配一個初始化第一個計數器塊。它通常包含一個隨機的隨機數(應用程序必須以某種方式發送給接收器)和一個初始計數器(通常爲0)。詳細瞭解NIST 800-38A。 – SquareRootOfTwentyThree
我有[link](http://csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/ctr/ctr-spec.pdf) – likejiujitsu