33,311
社区成员
发帖
与我相关
我的任务
分享关于 Brian Gladman 的 AES 库
由于速度的原因.比如AS代码写的MD5计算大概貌3M的文件耗时 1600,而移植C语言版的只是AS写的十分之一,
于是我又移植了 Brian Gladman的AES 库到Flash上.这个很容易基本没做什么就完成了.由于本人对密码学一无所知,很多地方还很困惑
这是 自述 文档:
Please note the following IMPORTANT points about the AES mode subroutines:
1. All modes are reset when a new AES key is set.
2. Incremental calls to the different modes cannot
be mixed. If a change of mode is needed a new
key must be set or a reset must be issued (see
below).
3. For modes with IVs, the IV value is an input AND
an ouput since it is updated after each call to
the value needed for any subsequent incremental
call(s). If the mode is reset, the IV hence has
to be set (or reset) as well.
4. ECB operations must be multiples of 16 bytes
but do not need to be reset for new operations.
5. CBC operations must also be multiples of 16
bytes and are reset for a new operation by
setting the IV.
6. CFB, OFB and CTR mode must be reset by setting
a new IV value AND by calling: aes_mode_reset(aes_encrypt_ctx cx[1])
For CTR mode the cbuf value also has to be reset.
7. CFB, OFB and CTR modes only use AES encryption
operations and contexts and do not need AES
decrytpion operations.
8. AES keys remain valid across resets and changes
of mode (but encryption and decryption keys must
both be set if they are needed).
问题是:
1. 主要是第二条.. If a change of mode is needed a new key must be set or a reset must be issued (see below).
我是不是每次更改模式,比如从 CFB 切换到 CTR 需要重新设置 AES_Key?就是重新给 AES_Key 赋值
2. 带有 IV 的模式,我在Google上找了下好像要和密文一起传送.如果这样那么有什么标准的格式吗?? 比如把IV放在第一个字节块,或最后一个??
于是我又移植了 Brian Gladman的AES 库到Flash上.这个很容易基本没做什么就完成了.由于本人对密码学一无所知,很多地方还很困惑
这是 自述 文档:
Please note the following IMPORTANT points about the AES mode subroutines:
1. All modes are reset when a new AES key is set.
2. Incremental calls to the different modes cannot
be mixed. If a change of mode is needed a new
key must be set or a reset must be issued (see
below).
3. For modes with IVs, the IV value is an input AND
an ouput since it is updated after each call to
the value needed for any subsequent incremental
call(s). If the mode is reset, the IV hence has
to be set (or reset) as well.
4. ECB operations must be multiples of 16 bytes
but do not need to be reset for new operations.
5. CBC operations must also be multiples of 16
bytes and are reset for a new operation by
setting the IV.
6. CFB, OFB and CTR mode must be reset by setting
a new IV value AND by calling: aes_mode_reset(aes_encrypt_ctx cx[1])
For CTR mode the cbuf value also has to be reset.
7. CFB, OFB and CTR modes only use AES encryption
operations and contexts and do not need AES
decrytpion operations.
8. AES keys remain valid across resets and changes
of mode (but encryption and decryption keys must
both be set if they are needed).
问题是:
1. 主要是第二条.. If a change of mode is needed a new key must be set or a reset must be issued (see below).
我是不是每次更改模式,比如从 CFB 切换到 CTR 需要重新设置 AES_Key?就是重新给 AES_Key 赋值
2. 带有 IV 的模式,我在Google上找了下好像要和密文一起传送.如果这样那么有什么标准的格式吗?? 比如把IV放在第一个字节块,或最后一个??
...全文
请发表友善的回复…
发表回复
plzzz 2013-08-27
- 打赏
- 举报
我弄好测试了.如果更改模式不重置AES_Key,生成的值不对..
plzzz 2013-08-26
- 打赏
- 举报
我英文很烂..可是我发现
第8条 好像说的是 AES keys 可以跨 模式什么的...也许第二条说的要重置不是指的 AES_Key
8. AES keys remain valid across resets and changes of mode (but encryption and decryption keys must both be set if they are needed).
whizer 2013-08-26
- 打赏
- 举报
1. 主要是第二条.. If a change of mode is needed a new key must be set or a reset must be issued (see below).
我是不是每次更改模式,比如从 CFB 切换到 CTR 需要重新设置 AES_Key?就是重新给 AES_Key 赋值
A: 是的.
2. 带有 IV 的模式,我在Google上找了下好像要和密文一起传送.如果这样那么有什么标准的格式吗?? 比如把IV放在第一个字节块,或最后一个??
A: 是的.解密段必须知道IV才能解密, 具体IV怎么传输是看协议怎么定义的,当然你可以定义自己的协议格式, 自己在服务器客户端解析就可以了.如果你想具体了解,可以参考一下IPSEC的标准.
cocoabird 2013-08-26
- 打赏
- 举报
不懂 帮顶下!
