Openssl中chacha20-poly1305的使用
生活随笔
收集整理的這篇文章主要介紹了
Openssl中chacha20-poly1305的使用
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
原理簡述
chacha20-poly1305 是帶有關聯數據的認證加密(AEAD)AEAD是一種能夠同時保證數據的保密性、 完整性和真實性的一種加密模式。
通常使用除了明文以外,會把包頭的地址和端口等信息放進去一起做完整性校驗。
chacha20 是流加密算法。
poly1305 是完整性校驗是算法,即根據輸入(加密數據和關聯數據)輸出16字節的認證標簽。
使用方法
加密
輸入項:
| key | 32 | 共享秘鑰 |
| iv | 12 | 干擾項,每次不同 |
| AAD | N | 關聯數據 |
| plaintext | N | 待加密數據明文 |
輸出項:
| ciphertext | N | 加密后的密文,長度與原始明文一致 |
| TAG | 16 | 認證標簽 |
通常將TAG接在ciphertext密文之后。
解密
輸入項:
| key | 32 | 共享秘鑰 |
| iv | 12 | 干擾項,每次不同 |
| AAD | N | 關聯數據 |
| ciphertext | N | 待加密數據明文 |
| TAG | 16 | 認證標簽 |
輸出項:
| plaintext | N | 原始明文 |
| result | 1 | 完整性檢查結果(1成功,0失敗) |
參數關聯
key + iv + plaintext ===> ciphertext
ciphertext + AAD ===> TAG
AAD只參與完整性驗證,不參與加密。
代碼實例
代碼剛驗證完,沒整理,湊合看,嘻嘻。
int chachapoly_test(void) {/* Key 共享秘鑰 */unsigned char skey2[32] = {0x2e,0xff,0xe4,0x85,0x1e,0x23,0x72,0xef,0x5c,0x44,0x14,0x75,0x61,0xd8,0xf0,0xa3,0xde,0x91,0x09,0x00,0x24,0x03,0x51,0x3c,0xf2,0xf6,0x6d,0x16,0xbd,0x78,0xd2,0x63};int ret = 0;EVP_CIPHER_CTX* ctx = NULL;EVP_CIPHER_CTX* dctx = NULL;/* 干擾項 iv */unsigned char iv[12] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b};/* 外部關聯數據 AAD */unsigned char aad[128] = {0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1f,0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1f,0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1f,0x20,0x21,0x22,0x23,0x24,0x25,0x26,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f,0x10,0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1a,0x1b,0x1c,0x1d,0x1f,0x20,0x21,0x22,0x23,0x24,0x25,0x26};unsigned char ciphertext[1024] = {0};unsigned char res[1024] = {0};/* 原始明文 plaintext */unsigned char msg[] = "0123456789abcdefghijklmnopqrstuvwxyz";ctx = EVP_CIPHER_CTX_new();ret = EVP_EncryptInit_ex(ctx, EVP_chacha20_poly1305(), NULL, skey2, iv);printf("EncryptInit ret: %d\n", ret);int outlen, finallen, reslen;/* 加密輸入 ADD */ret = EVP_EncryptUpdate(ctx, NULL, &outlen, aad, 32);ret = EVP_EncryptUpdate(ctx, NULL, &outlen, aad+64, 32);printf("Ret: %d Update AAD len: %d\n", ret, outlen);/* 加密原始數據 */ret = EVP_EncryptUpdate(ctx, ciphertext, &outlen, msg, 37);printf("Ret: %d Update len: %u\n", ret, outlen);print_strhex(ciphertext, outlen);ret = EVP_EncryptFinal(ctx, ciphertext, &finallen);printf("Ret: %d Final len: %u\n", ret, finallen);outlen += finallen;//print_strhex(ciphertext, outlen);/* 生成認證標簽TAG */unsigned char* tag_data = ciphertext + outlen;EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_GET_TAG, 16, tag_data);outlen += 16;print_strhex(ciphertext, outlen);dctx = EVP_CIPHER_CTX_new();//iv[0] = 0x0f;//skey2[0] = 0xff;//tag_data[0] = 0x01;//aad[0] = 0x01;ret = EVP_DecryptInit_ex(dctx, EVP_chacha20_poly1305(), NULL, skey2, iv);printf("DecryptInit ret: %d\n", ret);ret = EVP_CIPHER_CTX_ctrl(dctx, EVP_CTRL_GCM_SET_TAG, 16, tag_data);printf("Ret: %d CTX set TAG\n", ret);ret = EVP_DecryptUpdate(dctx, NULL, &reslen, aad, 32);ret = EVP_DecryptUpdate(dctx, NULL, &reslen, aad+64, 32);printf("Ret: %d Update AAD len: %d\n", ret, reslen);ret = EVP_DecryptUpdate(dctx, res, &reslen, ciphertext, outlen - 16);printf("Ret: %d DecryUpdate once len: %u\n", ret, reslen);int totallen = reslen;ret = EVP_DecryptFinal(dctx, res, &reslen);printf("Ret: %d DecryptFinal len: %u\n", ret, reslen);//reslen += finallen;//print_strhex(res, totallen);printf("%s\n", res); }總結
以上是生活随笔為你收集整理的Openssl中chacha20-poly1305的使用的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 【方法论述】量化投资——神话、黑箱与真谛
- 下一篇: matlab中poly2sym,poly