加密++;对称算法和认证块模式组合 我已经为V5.62实现了一个C++包装库,并对对称算法(例如BooFISH)和块模式(例如GCM)的组合提出了质疑。
我可以通过Blowfish/EAX对数据进行加密和解密,但使用Blowfish/GCM无法实现同样的功能。AES/EAX和AES/GCM都可以工作 以下简单应用程序演示了我的问题:加密++;对称算法和认证块模式组合 我已经为V5.62实现了一个C++包装库,并对对称算法(例如BooFISH)和块模式(例如GCM)的组合提出了质疑。,c++,encryption,encryption-symmetric,crypto++,block-cipher,C++,Encryption,Encryption Symmetric,Crypto++,Block Cipher,我可以通过Blowfish/EAX对数据进行加密和解密,但使用Blowfish/GCM无法实现同样的功能。AES/EAX和AES/GCM都可以工作 以下简单应用程序演示了我的问题: #include <iostream> #include <string> #include "cryptopp/blowfish.h" #include "cryptopp/filters.h" #include "cryptopp/eax.h" #include "cryptopp/gc
#include <iostream>
#include <string>
#include "cryptopp/blowfish.h"
#include "cryptopp/filters.h"
#include "cryptopp/eax.h"
#include "cryptopp/gcm.h"
#include "cryptopp/osrng.h"
#include "cryptopp/hex.h"
std::string encrypt(
CryptoPP::AuthenticatedSymmetricCipher &encryption,
std::string const kPlainText,
CryptoPP::SecByteBlock const kKey,
unsigned const char * kIV) {
std::string cipher_text;
// TODO Is this the source of the problem?
// BlockSize always returns 0 which leads to an exception if GCM block mode is used!
std::cout << encryption.BlockSize() << " bytes" << std::endl;
encryption.SetKeyWithIV(
kKey,
kKey.size(),
kIV
);
CryptoPP::StringSink *string_sink = new CryptoPP::StringSink(cipher_text);
CryptoPP::BufferedTransformation *transformator = NULL;
// The AuthenticatedEncryptionFilter adds padding as required.
transformator = new CryptoPP::AuthenticatedEncryptionFilter(
encryption,
string_sink);
bool const kPumpAll = true;
CryptoPP::StringSource(
kPlainText,
kPumpAll,
transformator);
return cipher_text;
}
std::string decrypt(
CryptoPP::AuthenticatedSymmetricCipher &decryption,
std::string const kCipherText,
CryptoPP::SecByteBlock const kKey,
unsigned const char * kIV) {
std::string recovered_plain_text;
decryption.SetKeyWithIV(
kKey,
kKey.size(),
kIV);
CryptoPP::StringSink *string_sink = new CryptoPP::StringSink(
recovered_plain_text);
CryptoPP::BufferedTransformation *transformator = NULL;
CryptoPP::AuthenticatedDecryptionFilter *decryption_filter = NULL;
decryption_filter = new CryptoPP::AuthenticatedDecryptionFilter(
decryption,
string_sink);
transformator = new CryptoPP::Redirector(*decryption_filter);
bool const kPumpAll = true;
CryptoPP::StringSource(
kCipherText,
kPumpAll,
transformator);
return recovered_plain_text;
}
int main() {
CryptoPP::AutoSeededRandomPool prng;
CryptoPP::SecByteBlock key(CryptoPP::Blowfish::DEFAULT_KEYLENGTH);
prng.GenerateBlock(key, key.size());
byte iv[CryptoPP::Blowfish::BLOCKSIZE];
prng.GenerateBlock(iv, sizeof(iv));
// Creates templated mode objects of block ciphers.
// This works...
// CryptoPP::EAX<CryptoPP::Blowfish>::Encryption encryption;
// CryptoPP::EAX<CryptoPP::Blowfish>::Decryption decryption;
// This does NOT work...
CryptoPP::GCM<CryptoPP::Blowfish>::Encryption encryption;
CryptoPP::GCM<CryptoPP::Blowfish>::Decryption decryption;
std::string plain_text = "Block Mode Test";
std::string cipher_text = encrypt(encryption, plain_text, key, iv);
// terminate called after throwing an instance of 'CryptoPP::InvalidArgument'
// what(): Blowfish/GCM: block size of underlying block cipher is not 16
std::cout << "cipher text: " << std::hex << cipher_text << std::endl;
std::cout << "recovered plain text: " << decrypt(decryption, cipher_text, key, iv) << std::endl;
}
但是当使用块模式EAX运行代码时,不会引发异常。因此,我的问题是:
- GCM是否仅适用于AES?GCM也可以用于河豚或3DES吗
- 是否有列出对称算法与块模式所有可能组合的矩阵
- 或者这是Crypto++中的一个bug?因为方法
总是返回BlockSize()
,但只有在使用河豚(或3DES)而不是AES时才会引发异常。这似乎提出了上述例外情况0
3DES
也是如此。该异常不是Crypto++中的错误
GCM将与其他具有128位块大小的Crypto++对象一起使用。它们包括AES、Cast-256、Rijndael、Cameilla、MARS、蛇和Twofish。有关块大小的表格,请访问
GCM也不适用于较大的块大小。例如,Rijndael
(AES的父级)提供192位和256位的块大小(AES
仅指定128位的块大小)。GCM不适用于较大的块大小。对于具有256位块大小的SHACAL-2
,情况也是如此
Crypto++的BlockSize()
有时返回0(它与模板参数有关)。相反,使用编译时常量,如AES::BLOCKSIZE
、Camellia::BLOCKSIZE
和Rijndael::BLOCKSIZE
。这可能被认为是一个bug
Blowfish/GCM: block size of underlying block cipher is not 16