AES-GCM算法是带认证和加密的算法,同时可以对给定的原文,生成加密数据和认证码。参数如下:
1)带加密的原文、2)存储加密后密文、3)IV向量、4)生成的消息验证码tag、5)额外的消息认证数据aad,通信双方需要共享;
整个AES-GCM算法代码如下:
#include
#include
#include
#include
#define AES_CIPHER_BLOCK_SIZE 16
/* 本测试demo用了一个静态的key
*
* Note: AES-128 key size is 16 bytes (AES_KEY_LEN128)
*/
unsigned char aes_key[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
};
/* 带加密的数据原文.
*/
unsigned char plain_data[] = {
0x55, 0x73, 0x69, 0x6e, 0x67, 0x20, 0x6c, 0x69,
0x62, 0x69, 0x63, 0x61, 0x20, 0x69, 0x73, 0x20,
0x73, 0x6d, 0x61, 0x72, 0x74, 0x20, 0x61, 0x6e,
0x64, 0x20, 0x65, 0x61, 0x73, 0x79, 0x21, 0x00
};
/* 初始化的IV向量. The initialization vector
* size must be greater than 0 and less than 2**61. A length of
* 12 is recommended.
*/
unsigned char iv[12] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0A, 0x0B
};
/* aad是额外的认证数据,aad数组用于计算生成AES-GCM消息的认证码,不用于加密。
*/
unsigned char aad[] = {
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F
};
/* Prints hex values to standard out. */
static void dump_data(unsigned char *data, unsigned long length);
/* Prints a description of the return value to standard out. */
static int handle_ica_error(int rc);
int main(char **argv, int argc)
{
int rc;
/* tag数组存储者明文数据和aad变量的消息验证码.
* Note: The authentication strength depends on the length of the
* authentication tag
*/
unsigned char tag[16];
unsigned char cipher_data[sizeof(plain_data)]; //存储者AES-GCM加密后的数据
unsigned char decrypt_data[sizeof(plain_data)]; //存储者AES-GCM解密后的数据
/* Dump key, iv, aad and plain data to standard output, just for
* a visual control.
*/
printf("AES key:\n");
dump_data(aes_key, sizeof(aes_key));
printf("IV:\n");
dump_data(iv, sizeof(iv));
printf("AAD:\n");
dump_data(aad, sizeof(aad));
printf("plain data:\n");
dump_data(plain_data, sizeof(plain_data));
/* 使用AES-GCM将明文数据plain_data加密成密文cipher_data,同时根据plain_data和aad变量生成消息验证码tag变量*/
//ICA_ENCRYPT=0
rc = ica_aes_gcm(plain_data, sizeof(plain_data), cipher_data,
iv, sizeof(iv),
aad, sizeof(aad),
tag, sizeof(tag),
aes_key, AES_KEY_LEN128,
ICA_ENCRYPT);
/* Error handling (if necessary). */
if (rc)
return handle_ica_error(rc);
/* Dump encrypted data.
*/
printf("encrypted data:\n");
dump_data(cipher_data, sizeof(plain_data));
printf("Authetication code:\n");
dump_data(tag, sizeof(tag));
/* GCM解密,将cipher data解密到decrypted data.
* Note: 跟GCM加密必须使用相同的AES key, IV and AAD.
* tag消息验证码用于认证校验解密后的decrypt_data和aad变量是否一致.
* 如消息验证码tag认证不通过, 将返回EFAULT.
*/
rc = ica_aes_gcm(decrypt_data, sizeof(plain_data), cipher_data,
iv, sizeof(iv),
aad, sizeof(aad),
tag, sizeof(tag),
aes_key, AES_KEY_LEN128,
ICA_DECRYPT);
/* Error handling (if necessary). */
if (rc)
return handle_ica_error(rc);
/* Dump decrypted data.
* Note: Please compare output with the plain data, they are the same.
*/
printf("decrypted data:\n");
dump_data(decrypt_data, sizeof(plain_data));
/* Surprise... :-)
* Note: The following will only work in this example!
*/
printf("%s\n", decrypt_data);
}
static void dump_data(unsigned char *data, unsigned long length)
{
unsigned char *ptr;
int i;
for (ptr = data, i = 1; ptr < (data+length); ptr++, i++) {
printf("0x%02x ", *ptr);
if ((i % AES_CIPHER_BLOCK_SIZE) == 0)
printf("\n");
}
if (i % AES_CIPHER_BLOCK_SIZE)
printf("\n");
}
static int handle_ica_error(int rc)
{
switch (rc) {
case 0:
printf("OK\n");
break;
case EINVAL:
printf("Incorrect parameter.\n");
break;
case EPERM:
printf("Operation not permitted by Hardware (CPACF).\n");
break;
case EIO:
printf("I/O error.\n");
break;
case EFAULT:
printf("The verification of the message authentication code has failed.\n");
break;
default:
printf("unknown error.\n");
}
return rc;
}