Я пытаюсь использовать знаменитые процедуры шифрования AES д-ра Брайана Глэдмана, в данном случае версию с режимом счетчика Галуа, и у меня возникает ошибка, и я не могу найти причину.
Я написал небольшую демонстрационную программу, которая показывает, что я пытаюсь сделать, и на самом деле она работает, но в конце она перестает работать.
Я немного заржавел в Си, поэтому ошибка может быть очевидна для мудрых руководителей.
Вот моя программа, которая, я надеюсь, является максимально короткой и удобочитаемой:
/* This program tries to be a demo for Dr Brian Gladman's AES-GCM encryption code.
The plan is to use AES-GCM to encrypt a short message, and provide an authentication key.
And then to decrypt the ciphertext, verifying the authentication tag on the way.*/
#include<stdio.h>
#include<assert.h>
#include "aes-modes/gcm.h"
/*note that uint_8t is Dr Gladman's type, not to be confused with uint8_t from C99*/
void print_uint_8t_array(uint_8t *a, int len, char* name)
{
int i;
printf("%-10s:", name);
for(i=0; i< len; i++){
if(a[i]==0x00) printf("-");
else if(a[i]>=0x20 && a[i]<=0x7e) printf("%c", a[i]);
else printf("~");
}
printf("\n");
}
#define p8(name) (print_uint_8t_array((name), (sizeof(name)), (#name)))
/*Dr Gladman's functions return 0,1 or -1, to be interpreted so:*/
void interpret_retval(AES_RETURN retval){
switch(retval){
case 0:
printf("RETURN_GOOD\n");
break;
case 1:
printf("RETURN_WARN\n");
break;
case -1:
printf("RETURN_ERROR\n");
break;
default: printf("Unknown return value");
assert(0);
break;
}
}
int main(void){
printf("GCM-AES encryption/decryption/authentication example\n");
aes_init();
/*I think that this is only needed if you've compiled the libraries to make up
their tables at runtime. If the tables are compiled in, then it's
unnecessary but probably doesn't do any harm.*/
uint_8t key[32]="01234567890123456789012345678901";
uint_8t iv[32]="01234567890123456789012345678901";
uint_8t header[]="Here is a header, which is not to be encrypted, but which is nevertheless to be proved to have been placed in the message by someone who knows the key.";
uint_8t message[]="Here is some text which is to be protected from the prying eyes of those who do not know the key, whilst at the same time it is to carry along with it an unencrypted header, and a with them both a tag proving beyond reasonable doubt that the two were packaged together and run through the aes-gcm algorithm by someone who knew the key.";
uint_8t tag[32]="01234567890123456789012345678901";
void printtexts(void)
{
printf("-----------------------------------\n");
p8(key);
p8(iv);
printf("-----------------------------------\n");
p8(header);
p8(message);
p8(tag);
printf("-----------------------------------\n");
}
printtexts();
{
gcm_ctx ecx[1];
printf("encrypting....\n");
gcm_init_and_key(key, sizeof(key), ecx);
interpret_retval(gcm_encrypt_message(iv, sizeof(iv), header, sizeof(header), message, sizeof(message), tag, sizeof(tag), ecx));
gcm_end(ecx);
printf("done\n");
}
printtexts();
{
gcm_ctx dcx[1];
printf("decrypting....\n");
gcm_init_and_key(key, sizeof(key), dcx);
interpret_retval(gcm_decrypt_message(iv, sizeof(iv), header, sizeof(header), message, sizeof(message), tag, sizeof(tag), dcx));
gcm_end(dcx);
printf("done\n");
}
printtexts();
return 0;
}
А вот и результат. Кажется, что шифрование / дешифрование и тегирование работают, но есть неправильный код возврата и ошибка.
jla@jaspden-desktop$ ./test3
GCM-AES encryption/decryption/authentication example
-----------------------------------
key :01234567890123456789012345678901
iv :01234567890123456789012345678901
-----------------------------------
header :Here is a header, which is not to be encrypted, but which is nevertheless to be proved to have been placed in the message by someone who knows the key.-
message :Here is some text which is to be protected from the prying eyes of those who do not know the key, whilst at the same time it is to carry along with it an unencrypted header, and a with them both a tag proving beyond reasonable doubt that the two were packaged together and run through the aes-gcm algorithm by someone who knew the key.-
tag :01234567890123456789012345678901
-----------------------------------
encrypting....
RETURN_GOOD
done
-----------------------------------
key :01234567890123456789012345678901
iv :01234567890123456789012345678901
-----------------------------------
header :Here is a header, which is not to be encrypted, but which is nevertheless to be proved to have been placed in the message by someone who knows the key.-
message :~(}Hr~|o~~:~D~~~~3~~T~C~C(l~~~'~~~UC~D~~~~&O~ ~L~-~~~E&~~~~!~~~~~K~~~~M<|l%<ho~"~[A~0~~O~3T~%8K~~~L~~~~~~~~~7~~~~~~~~e~~~~;~392~8<~~ ~~v,E~~~~~~~~~~~W~yd~~C$H~~~*r~~~_~~~~O~u~h\9s~~`%~~~~~&~~~~~~.~~Q~~~Y~Ix~A~~~a5~~~~|~~9J~~~~~~~~ ~~ZOiX~~~~~~f~~`e~~~Ju~Z~~~X~g~OX~C~~~~~~~~~(~~gyT~~x~L~4>~Z~~ge~~~08~;~@~s~3~~WA~~~~Z-~~~~/~~~~~~Tj~bL~~
tag :|~~,~2~~Ec~~~A~~~~~_j{~~~~`~~~u~
-----------------------------------
decrypting....
RETURN_ERROR
done
-----------------------------------
key :01234567890123456789012345678901
iv :01234567890123456789012345678901
-----------------------------------
header :Here is a header, which is not to be encrypted, but which is nevertheless to be proved to have been placed in the message by someone who knows the key.-
message :Here is some text which is to be protected from the prying eyes of those who do not know the key, whilst at the same time it is to carry along with it an unencrypted header, and a with them both a tag proving beyond reasonable doubt that the two were packaged together and run through the aes-gcm algorithm by someone who knew the key.-
tag :|~~,~2~~Ec~~~A~~~~~_j{~~~~`~~~u~
-----------------------------------
Segmentation fault (core dumped)