openssl3.2 - 官方demo学习 - mac - cmac-aes256.c

最新推荐文章于 2024-12-09 00:30:00 发布
最新推荐文章于 2024-12-09 00:30:00 发布
阅读量762 收藏 5
点赞数 5
文章标签: openSSL
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/LostSpeed/article/details/135604538
版权
本文详细介绍了如何在OpenSSL3.2中使用EVP_MAC方法,特别是通过AES-256-CBC算法计算和验证消息认证码(MAC)。演示了加密密钥的使用、明文处理以及MAC生成与预期值的比较。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

文章目录

openssl3.2 - 官方demo学习 - mac - cmac-aes256.c

概述

指定加密算法(e.g. AES-256-CBC), 对明文生成MAC数据

笔记

/*!
\file cmac-aes256.c
\note openssl3.2 - 官方demo学习 - mac - cmac-aes256.c
指定加密算法(e.g. AES-256-CBC), 对明文生成MAC数据
*/

/*-
 * Copyright 2022-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

 /*
  * Example of using EVP_MAC_ methods to calculate
  * a CMAC of static buffers
  */

#include <string.h>
#include <stdio.h>
#include <openssl/crypto.h>
#include <openssl/core_names.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/cmac.h>
#include <openssl/params.h>

#include "my_openSSL_lib.h"

  /*
   * Hard coding the key into an application is very bad.
   * It is done here solely for educational purposes.
   */
static unsigned char key[] = {
	0x6c, 0xde, 0x14, 0xf5, 0xd5, 0x2a, 0x4a, 0xdf,
	0x12, 0x39, 0x1e, 0xbf, 0x36, 0xf9, 0x6a, 0x46,
	0x48, 0xd0, 0xb6, 0x51, 0x89, 0xfc, 0x24, 0x85,
	0xa8, 0x8d, 0xdf, 0x7e, 0x80, 0x14, 0xc8, 0xce,
};

static const unsigned char data[] =
"To be, or not to be, that is the question,\n"
"Whether tis nobler in the minde to suffer\n"
"The ſlings and arrowes of outragious fortune,\n"
"Or to take Armes again in a sea of troubles,\n"
"And by opposing, end them, to die to sleep;\n"
"No more, and by a sleep, to say we end\n"
"The heart-ache, and the thousand natural shocks\n"
"That flesh is heir to? tis a consumation\n"
"Devoutly to be wished. To die to sleep,\n"
"To sleepe, perchance to dreame, Aye, there's the rub,\n"
"For in that sleep of death what dreams may come\n"
"When we haue shuffled off this mortal coil\n"
"Must give us pause. There's the respect\n"
"That makes calamity of so long life:\n"
"For who would bear the Ships and Scorns of time,\n"
"The oppressor's wrong, the proud man's Contumely,\n"
"The pangs of dispised love, the Law's delay,\n"
;

/* The known value of the CMAC/AES256 MAC of the above soliloqy */
static const unsigned char expected_output[] = {
	0x67, 0x92, 0x32, 0x23, 0x50, 0x3d, 0xc5, 0xba,
	0x78, 0xd4, 0x6d, 0x63, 0xf2, 0x2b, 0xe9, 0x56,
};

/*
 * A property query used for selecting the MAC implementation.
 */
static const char* propq = NULL;

int main(void)
{
	int ret = EXIT_FAILURE;
	OSSL_LIB_CTX* _ossl_lib_ctx = NULL;
	EVP_MAC* _evp_mac = NULL;
	EVP_MAC_CTX* _evp_mac_ctx = NULL;
	unsigned char* out = NULL;
	size_t out_len = 0;
	OSSL_PARAM _ossl_param_ary[4], * p_ossl_param = _ossl_param_ary;
	char cipher_name[] = "AES-256-CBC";

	_ossl_lib_ctx = OSSL_LIB_CTX_new();
	if (_ossl_lib_ctx == NULL) {
		fprintf(stderr, "OSSL_LIB_CTX_new() returned NULL\n");
		goto end;
	}

	/* Fetch the CMAC implementation */
	_evp_mac = EVP_MAC_fetch(_ossl_lib_ctx, "CMAC", propq);
	if (_evp_mac == NULL) {
		fprintf(stderr, "EVP_MAC_fetch() returned NULL\n");
		goto end;
	}

	/* Create a context for the CMAC operation */
	_evp_mac_ctx = EVP_MAC_CTX_new(_evp_mac);
	if (_evp_mac_ctx == NULL) {
		fprintf(stderr, "EVP_MAC_CTX_new() returned NULL\n");
		goto end;
	}

	/* The underlying cipher to be used */
	*p_ossl_param++ = OSSL_PARAM_construct_utf8_string(OSSL_MAC_PARAM_CIPHER, cipher_name,
		sizeof(cipher_name));
	*p_ossl_param = OSSL_PARAM_construct_end();

	/* Initialise the CMAC operation */
	if (!EVP_MAC_init(_evp_mac_ctx, key, sizeof(key), _ossl_param_ary)) {
		fprintf(stderr, "EVP_MAC_init() failed\n");
		goto end;
	}

	/* Make one or more calls to process the data to be authenticated */
	if (!EVP_MAC_update(_evp_mac_ctx, data, sizeof(data))) {
		fprintf(stderr, "EVP_MAC_update() failed\n");
		goto end;
	}

	/* Make a call to the final with a NULL buffer to get the length of the MAC */
	if (!EVP_MAC_final(_evp_mac_ctx, NULL, &out_len, 0)) {
		fprintf(stderr, "EVP_MAC_final() failed\n");
		goto end;
	}
	out = OPENSSL_malloc(out_len);
	if (out == NULL) {
		fprintf(stderr, "malloc failed\n");
		goto end;
	}
	/* Make one call to the final to get the MAC */
	if (!EVP_MAC_final(_evp_mac_ctx, out, &out_len, out_len)) {
		fprintf(stderr, "EVP_MAC_final() failed\n");
		goto end;
	}

	printf("Generated MAC:\n");
	BIO_dump_indent_fp(stdout, out, (int)out_len, 2);
	putchar('\n');

	if (out_len != (size_t)sizeof(expected_output)) {
		fprintf(stderr, "Generated MAC has an unexpected length\n");
		goto end;
	}

	if (CRYPTO_memcmp(expected_output, out, sizeof(expected_output)) != 0) {
		fprintf(stderr, "Generated MAC does not match expected value\n");
		goto end;
	}

	ret = EXIT_SUCCESS;
end:
	if (ret != EXIT_SUCCESS)
		ERR_print_errors_fp(stderr);
	/* OpenSSL free functions will ignore NULL arguments */
	OPENSSL_free(out);
	EVP_MAC_CTX_free(_evp_mac_ctx);
	EVP_MAC_free(_evp_mac);
	OSSL_LIB_CTX_free(_ossl_lib_ctx);
	return ret;
}

END

LostSpeed
关注
【owt】构建m79的owt-client-native:使用vs2017
突围
09-24 273
owt-client-native
【owt】ConfSampleMFC.exe的vs2017和vs2022构建
突围
09-24 256
owt
AES工具 V1.0.2AES计算工具 ,hex的aes计算 (ecb,cbc)AES CMAC
05-28
高级加密标准(英语:Advanced Encryption Standard,缩写:AES)。 升级版本V1.0.2,增加输入框长度的限制;增加对文件加密的功能。 支持AES-CMAC的计算。 AES计算工具,支持128,192,256长度的秘钥,支持长度大于16字节的AES 加密和解密,还有支持AES-CMAC的计算。 AES算法工具。支持初始向量。 支持AES-cmac
openssl 消息认证码CMAC支持
kkxgx的专栏
08-27 1万+
之前在openssl0.9.8中还不支持CMC,而现在的最新版开始支持CMAC了,我目前下载了两个版本openssl-1.0.1c 及openssl-1.0.1e 中都支持。而HMACopenssl-0.9.8 中就已经支持。下面首先简单介绍一下HMAC及CMCA的区别。 1,HMAC (keyed-hash message authentication code) HAMAC 最主要的目的
AES对称加密CBC256
IQ_HJB的博客
04-12 2836
AES对称加密CBC256
Python实现AES_256 CBC模式加密算法
u010741112的博客
12-15 3200
AES AES(Advanced Encryption Standard)高级加密标准。是美国联邦政府采用的一种区块加密标准。这个标准用来替代原先的DES,已经被多方分析且广为全世界所使用。经过多年的甄选流程,高级加密标准由美国国家标准与技术研究院(NIST)于2001年11月26日发布于FIPS PUB 197,并在2002年5月26日成为有效的标准。2006年,高级加密标准已然成为对称密钥加密中最流行的算法之一。 AES最常见的有3种方案,分别是AES-128、AES-192AES-256,它们的区别
Linux 使用openssl命令行计算文件hash值,hmaccmac的digest值
weixin_37207685的博客
07-30 914
Linux 使用openssl命令行计算hash值,hmaccmac
AES-CMAC源码&amp;amp;官方文档
04-21
完成官方手册中的demo测试,意味着源码已经成功实现了AES-CMAC算法,并且能够在各种示例消息上正确生成和验证MAC值。 理解AES-CMAC的原理和实现细节对于任何涉及数据安全和完整性验证的项目都是至关重要的。通过...
CMAC.pdf.7z
02-12
在本文档中,你将深入理解CMAC的工作原理、实现方法以及其与MAC和HMAC的区别。 **CMAC的核心概念** 1. **块密码**:CMAC的基础是块密码,如AES,它将明文分成固定大小的块进行加密处理。 2. **密钥扩展**:CMAC...
对称加密算法AES的MbedTLS代码实现Demo
最新发布
mickey2007的博客
12-09 884
AES (Advanced Encryption Standard) 加密算法就是一种广泛使用的对称加密算法。该算法用来替代原先的DES,已经被多方分析且广为全世界所使用。经过五年的甄选流程,AES由美国国家标准与技术研究院(NIST)于2001年11月26日发布于FIPS PUB 197,并在2002年5月26日成为有效的标准。2006年,AES已然成为对称密钥加密中最流行的算法之一。
AES 加密工具(ECB,CBC,CMAC
06-25
AES工具,支持ECB,CBC加解密运算,以及CMAC运算。支持多种PADDING
The AES-CMAC Algorithm
11-22
详细介绍了AES-CMAC的算法的原理与实现,附有C语言写的样例程序。 以下是原文的introduction: The National Institute of Standards and Technology (NIST) has recently specified the Cipher-based Message Authentication Code(CMAC). CMAC [NIST-CMAC] is a keyed hash function that is based on a symmetric key block cipher, such as the Advanced Encryption Standard [NIST-AES]. CMAC is equivalent to the One-Key CBC MAC1 (OMAC1) submitted by Iwata and Kurosawa [OMAC1a, OMAC1b]. OMAC1 is an improvement of the eXtended Cipher Block Chaining mode (XCBC) submitted by Black and Rogaway [XCBCa, XCBCb], which itself is an improvement of the basic Cipher Block Chaining-Message Authentication Code (CBC-MAC). XCBC efficiently addresses the security deficiencies of CBC-MAC, and OMAC1 efficiently reduces the key size of XCBC. AES-CMAC provides stronger assurance of data integrity than a checksum or an error-detecting code. The verification of a checksum or an error-detecting code detects only accidental modifications of the data, while CMAC is designed to detect intentional, unauthorized modifications of the data, as well as accidental modifications. AES-CMAC achieves a security goal similar to that of HMAC [RFC-HMAC]. Since AES-CMAC is based on a symmetric key block cipher, AES, and HMAC is based on a hash function, such as SHA-1, AES-CMAC is appropriate for information systems in which AES is more readily available than a hash function. This memo specifies the authentication algorithm based on CMAC with AES-128. This new authentication algorithm is named AES-CMAC.
CMAC网络逼近二次函数-CMAC_MultiIn.m
08-13
CMAC网络逼近二次函数-CMAC_MultiIn.m CMAC网络逼近函数y=sin/x1*sin/x2 附件: 运行结果:
aes256加密_保护隐私内容,这些安全专业的mac加密软件为您助力~
weixin_39600823的博客
11-04 324
想要保护私密内容?加密软件必不可少,哪款加密软件mac版好用呢?操作更简便直观绝对选择的第一要素,小编选了几款比较给力分享给大家,需要的带走吧~保护隐私内容,这些安全专业的mac加密软件为您助力~Signal Desktop for Mac(专业加密通讯工具)一款Macos上的专业加密通讯工具,十分安全。使用了信号协议,该协议结合了预密钥,Double Ratchet算法和3-DH握手信号,可确保...
代码示例:OpenSSL AES CBC 加密
编程之道在明明德在亲民在止于至善
04-06 2886
代码示例:OpenSSL AES CBC 加密
AES-CMAC算法应用实例
qq_38387829的博客
08-15 5641
针对一些需要使用AES-MAC的加密的项目,进行相关的算法介绍以及代码的开源,供大家调试。
CMAC--基于分组密码的消息认证码的实现及其应用
热门推荐
基基1234的博客
11-20 1万+
前言 CMAC(基于分组加密的消息认证码),一般用作消息的签名。与HMAC相同的是都需要一把秘钥来加密内容得到MAC,只是MAC的产生方法不同,一个是用hash算法,一个是用分组加密算法。两种方法具体原理参见: https://blog.csdn.net/kkxgx/article/details/10307663 实际上,CMAC-128的计算结果是128位的,而AES的密钥也是128位的...
字符串AES对称加密-openssl命令及C语言实现
hinewcc的博客
04-22 3291
openssl命令和C语言方式实现相同的字符串AES对称加、解密功能。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值