aes128 cmac java,C语言实现AES-128 CMAC算法

原子弹001C语言 2023-12-09 21:50:34 3833阅读 举报

MessageAuthentication Code(MAC)是一种保障信息完整性和认证的密码学方法,其中CMAC的全称是Cypher-Based

Message Authentication Code,基于AES等对称加密方式实现消息认证。通信双方需要共享一个对称密钥,由发送方生成一个MAC值,附在消息后面,接收方计算收到消息的MAC,如果和收到的MAC一致,则说明没有被篡改,并且能确认发送方一定拥有相同的密钥,即认证身份。

美国国家标准与技术研究院NIST推荐了一种CMAC计算方式,可以避免CBC-MAC带来的缺点,编号为800-3B,文档可以从其官网上下载。该算法通过MAC密钥生成k1和k2两个子密钥,并规定了数据位填充的规则,可以通过AES-128、AES-192、AES-256三种模式进行MAC计算,支持所有整数字节的数据以及长度为0的输入。下图为MAC算法处理不需要位填充和需要位填充的两种情况。本文介绍AES-128生成的CMAC实现。

97415eca387a1225db3195890cefbdcb.png

本C代码外部依赖项是mbedTLS的密码学库,下载及使用见《C语言实现AES加密解密》。

55ec2faf725863810335e3748b5175cb.png

表1外部调用列表

本CMAC算法包括的内部函数如下。

b00a2f0afbb7289df425ad5cfb0987fa.png

表2本代码中设计的函数

本CMAC算法包括的全局变量如下。

b03695dc4be6515d6f70e8723d0faf5f.png

表3本代码中的全局变量

CMAC实现部分代码如下:

#include

#include "mbedtls/aes.h"

#include "mbedtls/compat-1.3.h"

uint8_t MAC[16];

uint8_t MACkey[16];

uint8_t k1[16];

uint8_t k2[16];

mbedtls_aes_context aes;

void leftshift(int len, uint8_t* add, uint8_t*des)

{

int i;

for (i = 0; i < len - 1; i++)

{

des[i] = (add[i] << 1) + (add[i + 1] >= 0x80?1:0);

}

des[len - 1] = add[len - 1] << 1;

}

void ArrayXor(int len, uint8_t*a1, uint8_t*a2, uint8_t*des)

{

int i;

for (i = 0; i < len; i++)

{

des[i] = a1[i] ^ a2[i];

}

}

void LoadMacKey(uint8_t *key)

{

int i;

uint8_t plain[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};

uint8_t Rb[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x87 };

uint8_t c0[16];

for (i = 0; i < 16; i++)

{

MACkey[i] = key[i]; // set MAC key

}

mbedtls_aes_setkey_enc(&aes, MACkey, 128);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, plain, c0);

if (c0[0]<0x80) //generate k1

{

leftshift(16, c0, k1);

}

else

{

leftshift(16, c0, k1);

ArrayXor(16, k1, Rb, k1);

}

if (k1[0] < 0x80) //generate k2

{

leftshift(16, k1, k2);

}

else

{

leftshift(16, k1, k2);

ArrayXor(16, k2, Rb, k2);

}

}

void GenerateMAC(int len, uint8_t *add, uint8_t *macvalue)

{

int i,block;

uint8_t IVtemp[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};

uint8_t Blocktemp[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

if (len % 16 == 0 && len!=0)

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

block = len / 16;

for (i = 0; i < block-1; i++)

{

ArrayXor(16, &add[i * 16], IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, IVtemp);

}

ArrayXor(16, &add[(block-1)*16], IVtemp, Blocktemp);

ArrayXor(16, Blocktemp, k1, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

else

{

if (len==0)

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

block = 1;

Blocktemp[0] = 0x80;//padding the first bit with 1

ArrayXor(16, Blocktemp, k2, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

else

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

uint8_t remain = len % 16;

block = len / 16 + 1;

for (i = 0; i < block - 1; i++)

{

ArrayXor(16, &add[i * 16], IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, IVtemp);

}

// the last block padding

for (i = 0; i < remain; i++)

{

Blocktemp[i] = add[(block - 1) * 16 + i];

}

Blocktemp[remain] = 0x80;

for (i = remain + 1; i < 16; i++)

{

Blocktemp[i] = 0;

}

// end of the last block padding

ArrayXor(16, Blocktemp, k2, Blocktemp);

ArrayXor(16, Blocktemp, IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

}

}

uint8_t VerifyMAC(int len, uint8_t *add, uint8_t *macvalue1)

{

int i, block;

uint8_t IVtemp[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

uint8_t Blocktemp[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };

uint8_t macvalue[16];

uint8_t result=1;

if (len % 16 == 0 && len != 0)

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

block = len / 16;

for (i = 0; i < block - 1; i++)

{

ArrayXor(16, &add[i * 16], IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, IVtemp);

}

ArrayXor(16, &add[(block - 1) * 16], IVtemp, Blocktemp);

ArrayXor(16, Blocktemp, k1, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

else

{

if (len == 0)

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

block = 1;

Blocktemp[0] = 0x80;//padding the first bit with 1

ArrayXor(16, Blocktemp, k2, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

else

{

mbedtls_aes_setkey_enc(&aes, MACkey, 128);// load mac key

uint8_t remain = len % 16;

block = len / 16 + 1;

for (i = 0; i < block - 1; i++)

{

ArrayXor(16, &add[i * 16], IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, IVtemp);

}

// the last block padding

for (i = 0; i < remain; i++)

{

Blocktemp[i] = add[(block - 1) * 16 + i];

}

Blocktemp[remain] = 0x80;

for (i = remain + 1; i < 16; i++)

{

Blocktemp[i] = 0;

}

// end of the last block padding

ArrayXor(16, Blocktemp, k2, Blocktemp);

ArrayXor(16, Blocktemp, IVtemp, Blocktemp);

mbedtls_aes_crypt_ecb(&aes, AES_ENCRYPT, Blocktemp, macvalue);

}

}

result = 1;

for (i = 0; i < 16; i++)

{

if (macvalue[i] != macvalue1[i])

{

return(result);

}

}

result = 0;

return(result);

}

Main函数部分代码如下:

int main()
{

uint8_t data[64] = { 0x6b, 0xc1, 0xbe, 0xe2, 0x2e, 0x40, 0x9f, 0x96, 0xe9, 0x3d, 0x7e, 0x11, 0x73, 0x93, 0x17, 0x2a,

0xae, 0x2d, 0x8a, 0x57, 0x1e, 0x03, 0xac, 0x9c, 0x9e, 0xb7, 0x6f, 0xac, 0x45, 0xaf, 0x8e, 0x51,

0x30, 0xc8, 0x1c, 0x46, 0xa3, 0x5c, 0xe4, 0x11, 0xe5, 0xfb, 0xc1, 0x19, 0x1a, 0x0a, 0x52, 0xef,

0xf6, 0x9f, 0x24, 0x45, 0xdf, 0x4f, 0x9b, 0x17, 0xad, 0x2b, 0x41, 0x7b, 0xe6, 0x6c, 0x37, 0x10 };

uint8_t tf=2;

uint8_t tk[16] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };

LoadMacKey(tk);//加载MAC key

GenerateMAC(33, data, MAC);// 数据字节长度,数据地址,MAC地址

tf=VerifyMAC(33, data, MAC); // 数据字节长度,数据地址,MAC地址

}





版权声明:
作者:原子弹001
链接:https://www.dianziwang.net/p/463b7924ec542.html
来源:C语言
文章版权归作者所有,未经允许请勿转载,若此文章存在违规行为,您可以点击 “举报”


登录 后发表评论
0条评论
还没有人评论过~