前言:
在偉大的計算機科學家研究下,發明了許多的加密算法,以下做個簡答的描述:
一、分類
加密算法分為兩種:單向加密、雙向加密。
單向加密,不可逆的加密算法,只能加密不能解密;
雙向加密,由對稱性加密算法和非對稱性加密算法;
對稱性加密:約定好的密鑰和統一的加密算法,雙發對數據進行加密、解密;
// 加密解密用的是同樣的“鑰匙”
張無忌將一個加了鎖的盒子寄給了趙敏,
趙敏收到盒子后用相同的鑰匙打開,然后同樣的方式寄回給張無忌;
非對稱性加密:公鑰和私鑰組成,公鑰加密私鑰解密;
// 加密解密用的是不同的“鑰匙”
張無忌和趙敏各有自己的盒子。趙敏要跟張無忌秘密通信,她先讓張無忌把盒子打開通過郵局發給她。
趙敏拿到盒子后放入信息鎖上,然后發給張無忌。張無忌就可以用他自己的鑰匙打開了。回復的話就用同樣的方式。
二、SSL(HTTPS 協議)加密原理
SSL 就是典型的非對稱性加密方式,結合上面的描述,簡單描述一下 SSL 原理:
1、當你的瀏覽器向服務器請求一個安全的網頁(通常是 https://);
2、服務器就把它的證書和(非對稱性加密的)公鑰發回來;
3、瀏覽器檢查證書是不是由可以信賴的機構頒發的,確認證書有效和此證書是此網站的;
4、瀏覽器使用服務器給的公鑰加密了一個隨機對稱密鑰 (瀏覽器隨機生成一個對稱性密鑰,采用服務器的公鑰進行加密),
包括加密的URL一起發送到服務器
5、服務器用自己的私鑰解密了瀏覽器發送的密鑰,然后用這個對稱性加密的密鑰解密瀏覽器的請求信息;
6、服務器用你發的對稱鑰匙給你請求的網頁加密。你也有相同的鑰匙就可以解密發回來的網頁了;
// 非對稱算法在加密和解密時用的是不同的鑰匙。
信息接受者有兩把鑰匙:一把“公匙”,一把“私匙”。
公匙是給信息發送者用來加密的,私匙是自己用來解密的這樣最大的好處是:
不必通過不安全的渠道發送私密的東西。公匙本來就是給別人用的,不用藏好。
你的私匙在你產生私匙的電腦里保存着。
// 如果還是沒能完全理解,把非對稱性加密中的 "張無忌、趙敏" 分別換成客戶端(瀏覽器)與服務器(Web)
三、常用的算法
對稱性加密算法:AES、DES、3DES
非對稱性加密算法:RSA、DSA、ECC
線性散列算法(不是加密算法):MD5、SHA1、HMAC
四、AES 加密算法
AES 又稱“矩陣加密算法”其原理采用字節矩陣上進行“或與非”的操作(置換和替代),
達到數據被重新排列、或者替換成為另一個完全不相同的數據;
從而達到可以采用相同的密鑰進行“回轉”;
AES 加密的區塊長度固定為 128、192、256 位(bit);
(附破圖一張)
AES 加密過程涉及到 4 種操作:
字節替代(SubBytes)
行移位(ShiftRows)
列混淆(MixColumns)
輪密鑰加(AddRoundKey)
解密過程分別為對應的逆操作,
由於每一步操作都是可逆的,按照相反的順序進行解密即可恢復明文。
字節替代(SubBytes)
字節代替的主要功能是通過一個固定的“矩陣”(想象成 Excel 表格上的數據)
完成一個字節到另外一個字節的映射。
行移位(ShiftRows)
行移位的功能是實現一個 4x4 矩陣內部字節之間的置換。
其實應該就是高級編程不常用的“或與非 ^ & | ”操作;
采用正向行移位和逆向行移位到達預期結果;
列混淆(MixColumns)
利用GF(28)域上算術特性的一個代替。
具體沒有深究,有點小復雜,總之一句話代替就是 TM 在矩陣上根據數學公式搞來搞去;
1 /* 2 * Advanced Encryption Standard 3 * @author Dani Huertas 4 * @email huertas.dani@gmail.com 5 * 6 * Based on the document FIPS PUB 197 7 */ 8 #include <stdio.h> 9 #include <stdlib.h> 10 #include <stdint.h> 11 12 /* 13 * Addition in GF(2^8) 14 * http://en.wikipedia.org/wiki/Finite_field_arithmetic 15 */ 16 uint8_t gadd(uint8_t a, uint8_t b) { 17 return a^b; 18 } 19 20 /* 21 * Subtraction in GF(2^8) 22 * http://en.wikipedia.org/wiki/Finite_field_arithmetic 23 */ 24 uint8_t gsub(uint8_t a, uint8_t b) { 25 return a^b; 26 } 27 28 /* 29 * Multiplication in GF(2^8) 30 * http://en.wikipedia.org/wiki/Finite_field_arithmetic 31 * Irreducible polynomial m(x) = x8 + x4 + x3 + x + 1 32 */ 33 uint8_t gmult(uint8_t a, uint8_t b) { 34 35 uint8_t p = 0, i = 0, hbs = 0; 36 37 for (i = 0; i < 8; i++) { 38 if (b & 1) { 39 p ^= a; 40 } 41 42 hbs = a & 0x80; 43 a <<= 1; 44 if (hbs) a ^= 0x1b; // 0000 0001 0001 1011 45 b >>= 1; 46 } 47 48 return (uint8_t)p; 49 } 50 51 /* 52 * Addition of 4 byte words 53 * m(x) = x4+1 54 */ 55 void coef_add(uint8_t a[], uint8_t b[], uint8_t d[]) { 56 57 d[0] = a[0]^b[0]; 58 d[1] = a[1]^b[1]; 59 d[2] = a[2]^b[2]; 60 d[3] = a[3]^b[3]; 61 } 62 63 /* 64 * Multiplication of 4 byte words 65 * m(x) = x4+1 66 */ 67 void coef_mult(uint8_t *a, uint8_t *b, uint8_t *d) { 68 69 d[0] = gmult(a[0],b[0])^gmult(a[3],b[1])^gmult(a[2],b[2])^gmult(a[1],b[3]); 70 d[1] = gmult(a[1],b[0])^gmult(a[0],b[1])^gmult(a[3],b[2])^gmult(a[2],b[3]); 71 d[2] = gmult(a[2],b[0])^gmult(a[1],b[1])^gmult(a[0],b[2])^gmult(a[3],b[3]); 72 d[3] = gmult(a[3],b[0])^gmult(a[2],b[1])^gmult(a[1],b[2])^gmult(a[0],b[3]); 73 } 74 75 /* 76 * The cipher Key. 77 */ 78 int K; 79 80 /* 81 * Number of columns (32-bit words) comprising the State. For this 82 * standard, Nb = 4. 83 */ 84 int Nb = 4; 85 86 /* 87 * Number of 32-bit words comprising the Cipher Key. For this 88 * standard, Nk = 4, 6, or 8. 89 */ 90 int Nk; 91 92 /* 93 * Number of rounds, which is a function of Nk and Nb (which is 94 * fixed). For this standard, Nr = 10, 12, or 14. 95 */ 96 int Nr; 97 98 /* 99 * S-box transformation table 100 */ 101 static uint8_t s_box[256] = { 102 // 0 1 2 3 4 5 6 7 8 9 a b c d e f 103 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, // 0 104 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, 0xad, 0xd4, 0xa2, 0xaf, 0x9c, 0xa4, 0x72, 0xc0, // 1 105 0xb7, 0xfd, 0x93, 0x26, 0x36, 0x3f, 0xf7, 0xcc, 0x34, 0xa5, 0xe5, 0xf1, 0x71, 0xd8, 0x31, 0x15, // 2 106 0x04, 0xc7, 0x23, 0xc3, 0x18, 0x96, 0x05, 0x9a, 0x07, 0x12, 0x80, 0xe2, 0xeb, 0x27, 0xb2, 0x75, // 3 107 0x09, 0x83, 0x2c, 0x1a, 0x1b, 0x6e, 0x5a, 0xa0, 0x52, 0x3b, 0xd6, 0xb3, 0x29, 0xe3, 0x2f, 0x84, // 4 108 0x53, 0xd1, 0x00, 0xed, 0x20, 0xfc, 0xb1, 0x5b, 0x6a, 0xcb, 0xbe, 0x39, 0x4a, 0x4c, 0x58, 0xcf, // 5 109 0xd0, 0xef, 0xaa, 0xfb, 0x43, 0x4d, 0x33, 0x85, 0x45, 0xf9, 0x02, 0x7f, 0x50, 0x3c, 0x9f, 0xa8, // 6 110 0x51, 0xa3, 0x40, 0x8f, 0x92, 0x9d, 0x38, 0xf5, 0xbc, 0xb6, 0xda, 0x21, 0x10, 0xff, 0xf3, 0xd2, // 7 111 0xcd, 0x0c, 0x13, 0xec, 0x5f, 0x97, 0x44, 0x17, 0xc4, 0xa7, 0x7e, 0x3d, 0x64, 0x5d, 0x19, 0x73, // 8 112 0x60, 0x81, 0x4f, 0xdc, 0x22, 0x2a, 0x90, 0x88, 0x46, 0xee, 0xb8, 0x14, 0xde, 0x5e, 0x0b, 0xdb, // 9 113 0xe0, 0x32, 0x3a, 0x0a, 0x49, 0x06, 0x24, 0x5c, 0xc2, 0xd3, 0xac, 0x62, 0x91, 0x95, 0xe4, 0x79, // a 114 0xe7, 0xc8, 0x37, 0x6d, 0x8d, 0xd5, 0x4e, 0xa9, 0x6c, 0x56, 0xf4, 0xea, 0x65, 0x7a, 0xae, 0x08, // b 115 0xba, 0x78, 0x25, 0x2e, 0x1c, 0xa6, 0xb4, 0xc6, 0xe8, 0xdd, 0x74, 0x1f, 0x4b, 0xbd, 0x8b, 0x8a, // c 116 0x70, 0x3e, 0xb5, 0x66, 0x48, 0x03, 0xf6, 0x0e, 0x61, 0x35, 0x57, 0xb9, 0x86, 0xc1, 0x1d, 0x9e, // d 117 0xe1, 0xf8, 0x98, 0x11, 0x69, 0xd9, 0x8e, 0x94, 0x9b, 0x1e, 0x87, 0xe9, 0xce, 0x55, 0x28, 0xdf, // e 118 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16};// f 119 120 /* 121 * Inverse S-box transformation table 122 */ 123 static uint8_t inv_s_box[256] = { 124 // 0 1 2 3 4 5 6 7 8 9 a b c d e f 125 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, // 0 126 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb, // 1 127 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e, // 2 128 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25, // 3 129 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92, // 4 130 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84, // 5 131 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06, // 6 132 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b, // 7 133 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73, // 8 134 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e, // 9 135 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b, // a 136 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4, // b 137 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f, // c 138 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef, // d 139 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61, // e 140 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d};// f 141 142 143 /* 144 * Generates the round constant Rcon[i] 145 */ 146 uint8_t R[] = {0x02, 0x00, 0x00, 0x00}; 147 148 uint8_t * Rcon(uint8_t i) { 149 150 if (i == 1) { 151 R[0] = 0x01; // x^(1-1) = x^0 = 1 152 } else if (i > 1) { 153 R[0] = 0x02; 154 i--; 155 while (i-1 > 0) { 156 R[0] = gmult(R[0], 0x02); 157 i--; 158 } 159 } 160 161 return R; 162 } 163 164 /* 165 * Transformation in the Cipher and Inverse Cipher in which a Round 166 * Key is added to the State using an XOR operation. The length of a 167 * Round Key equals the size of the State (i.e., for Nb = 4, the Round 168 * Key length equals 128 bits/16 bytes). 169 */ 170 void add_round_key(uint8_t *state, uint8_t *w, uint8_t r) { 171 172 uint8_t c; 173 174 for (c = 0; c < Nb; c++) { 175 state[Nb*0+c] = state[Nb*0+c]^w[4*Nb*r+4*c+0]; //debug, so it works for Nb !=4 176 state[Nb*1+c] = state[Nb*1+c]^w[4*Nb*r+4*c+1]; 177 state[Nb*2+c] = state[Nb*2+c]^w[4*Nb*r+4*c+2]; 178 state[Nb*3+c] = state[Nb*3+c]^w[4*Nb*r+4*c+3]; 179 } 180 } 181 182 /* 183 * Transformation in the Cipher that takes all of the columns of the 184 * State and mixes their data (independently of one another) to 185 * produce new columns. 186 */ 187 void mix_columns(uint8_t *state) { 188 189 uint8_t a[] = {0x02, 0x01, 0x01, 0x03}; // a(x) = {02} + {01}x + {01}x2 + {03}x3 190 uint8_t i, j, col[4], res[4]; 191 192 for (j = 0; j < Nb; j++) { 193 for (i = 0; i < 4; i++) { 194 col[i] = state[Nb*i+j]; 195 } 196 197 coef_mult(a, col, res); 198 199 for (i = 0; i < 4; i++) { 200 state[Nb*i+j] = res[i]; 201 } 202 } 203 } 204 205 /* 206 * Transformation in the Inverse Cipher that is the inverse of 207 * MixColumns(). 208 */ 209 void inv_mix_columns(uint8_t *state) { 210 211 uint8_t a[] = {0x0e, 0x09, 0x0d, 0x0b}; // a(x) = {0e} + {09}x + {0d}x2 + {0b}x3 212 uint8_t i, j, col[4], res[4]; 213 214 for (j = 0; j < Nb; j++) { 215 for (i = 0; i < 4; i++) { 216 col[i] = state[Nb*i+j]; 217 } 218 219 coef_mult(a, col, res); 220 221 for (i = 0; i < 4; i++) { 222 state[Nb*i+j] = res[i]; 223 } 224 } 225 } 226 227 /* 228 * Transformation in the Cipher that processes the State by cyclically 229 * shifting the last three rows of the State by different offsets. 230 */ 231 void shift_rows(uint8_t *state) { 232 233 uint8_t i, k, s, tmp; 234 235 for (i = 1; i < 4; i++) { 236 // shift(1,4)=1; shift(2,4)=2; shift(3,4)=3 237 // shift(r, 4) = r; 238 s = 0; 239 while (s < i) { 240 tmp = state[Nb*i+0]; 241 242 for (k = 1; k < Nb; k++) { 243 state[Nb*i+k-1] = state[Nb*i+k]; 244 } 245 246 state[Nb*i+Nb-1] = tmp; 247 s++; 248 } 249 } 250 } 251 252 /* 253 * Transformation in the Inverse Cipher that is the inverse of 254 * ShiftRows(). 255 */ 256 void inv_shift_rows(uint8_t *state) { 257 258 uint8_t i, k, s, tmp; 259 260 for (i = 1; i < 4; i++) { 261 s = 0; 262 while (s < i) { 263 tmp = state[Nb*i+Nb-1]; 264 265 for (k = Nb-1; k > 0; k--) { 266 state[Nb*i+k] = state[Nb*i+k-1]; 267 } 268 269 state[Nb*i+0] = tmp; 270 s++; 271 } 272 } 273 } 274 275 /* 276 * Transformation in the Cipher that processes the State using a non 277 * linear byte substitution table (S-box) that operates on each of the 278 * State bytes independently. 279 */ 280 void sub_bytes(uint8_t *state) { 281 282 uint8_t i, j; 283 uint8_t row, col; 284 285 for (i = 0; i < 4; i++) { 286 for (j = 0; j < Nb; j++) { 287 row = (state[Nb*i+j] & 0xf0) >> 4; 288 col = state[Nb*i+j] & 0x0f; 289 state[Nb*i+j] = s_box[16*row+col]; 290 } 291 } 292 } 293 294 /* 295 * Transformation in the Inverse Cipher that is the inverse of 296 * SubBytes(). 297 */ 298 void inv_sub_bytes(uint8_t *state) { 299 300 uint8_t i, j; 301 uint8_t row, col; 302 303 for (i = 0; i < 4; i++) { 304 for (j = 0; j < Nb; j++) { 305 row = (state[Nb*i+j] & 0xf0) >> 4; 306 col = state[Nb*i+j] & 0x0f; 307 state[Nb*i+j] = inv_s_box[16*row+col]; 308 } 309 } 310 } 311 312 /* 313 * Function used in the Key Expansion routine that takes a four-byte 314 * input word and applies an S-box to each of the four bytes to 315 * produce an output word. 316 */ 317 void sub_word(uint8_t *w) { 318 319 uint8_t i; 320 321 for (i = 0; i < 4; i++) { 322 w[i] = s_box[16*((w[i] & 0xf0) >> 4) + (w[i] & 0x0f)]; 323 } 324 } 325 326 /* 327 * Function used in the Key Expansion routine that takes a four-byte 328 * word and performs a cyclic permutation. 329 */ 330 void rot_word(uint8_t *w) { 331 332 uint8_t tmp; 333 uint8_t i; 334 335 tmp = w[0]; 336 337 for (i = 0; i < 3; i++) { 338 w[i] = w[i+1]; 339 } 340 341 w[3] = tmp; 342 } 343 344 /* 345 * Key Expansion 346 */ 347 void key_expansion(uint8_t *key, uint8_t *w) { 348 349 uint8_t tmp[4]; 350 uint8_t i, j; 351 uint8_t len = Nb*(Nr+1); 352 353 for (i = 0; i < Nk; i++) { 354 w[4*i+0] = key[4*i+0]; 355 w[4*i+1] = key[4*i+1]; 356 w[4*i+2] = key[4*i+2]; 357 w[4*i+3] = key[4*i+3]; 358 } 359 360 for (i = Nk; i < len; i++) { 361 tmp[0] = w[4*(i-1)+0]; 362 tmp[1] = w[4*(i-1)+1]; 363 tmp[2] = w[4*(i-1)+2]; 364 tmp[3] = w[4*(i-1)+3]; 365 366 if (i%Nk == 0) { 367 368 rot_word(tmp); 369 sub_word(tmp); 370 coef_add(tmp, Rcon(i/Nk), tmp); 371 372 } else if (Nk > 6 && i%Nk == 4) { 373 374 sub_word(tmp); 375 376 } 377 378 w[4*i+0] = w[4*(i-Nk)+0]^tmp[0]; 379 w[4*i+1] = w[4*(i-Nk)+1]^tmp[1]; 380 w[4*i+2] = w[4*(i-Nk)+2]^tmp[2]; 381 w[4*i+3] = w[4*(i-Nk)+3]^tmp[3]; 382 } 383 } 384 385 void cipher(uint8_t *in, uint8_t *out, uint8_t *w) { 386 387 uint8_t state[4*Nb]; 388 uint8_t r, i, j; 389 390 for (i = 0; i < 4; i++) { 391 for (j = 0; j < Nb; j++) { 392 state[Nb*i+j] = in[i+4*j]; 393 } 394 } 395 396 add_round_key(state, w, 0); 397 398 for (r = 1; r < Nr; r++) { 399 sub_bytes(state); 400 shift_rows(state); 401 mix_columns(state); 402 add_round_key(state, w, r); 403 } 404 405 sub_bytes(state); 406 shift_rows(state); 407 add_round_key(state, w, Nr); 408 409 for (i = 0; i < 4; i++) { 410 for (j = 0; j < Nb; j++) { 411 out[i+4*j] = state[Nb*i+j]; 412 } 413 } 414 } 415 416 void inv_cipher(uint8_t *in, uint8_t *out, uint8_t *w) { 417 418 uint8_t state[4*Nb]; 419 uint8_t r, i, j; 420 421 for (i = 0; i < 4; i++) { 422 for (j = 0; j < Nb; j++) { 423 state[Nb*i+j] = in[i+4*j]; 424 } 425 } 426 427 add_round_key(state, w, Nr); 428 429 for (r = Nr-1; r >= 1; r--) { 430 inv_shift_rows(state); 431 inv_sub_bytes(state); 432 add_round_key(state, w, r); 433 inv_mix_columns(state); 434 } 435 436 inv_shift_rows(state); 437 inv_sub_bytes(state); 438 add_round_key(state, w, 0); 439 440 for (i = 0; i < 4; i++) { 441 for (j = 0; j < Nb; j++) { 442 out[i+4*j] = state[Nb*i+j]; 443 } 444 } 445 } 446 447 int main(int argc, char *argv[]) { 448 449 uint8_t i; 450 451 /* 452 * Appendix A - Key Expansion Examples 453 */ 454 455 /* 128 bits */ 456 /* uint8_t key[] = { 457 0x2b, 0x7e, 0x15, 0x16, 458 0x28, 0xae, 0xd2, 0xa6, 459 0xab, 0xf7, 0x15, 0x88, 460 0x09, 0xcf, 0x4f, 0x3c}; */ 461 462 /* 192 bits */ 463 /* uint8_t key[] = { 464 0x8e, 0x73, 0xb0, 0xf7, 465 0xda, 0x0e, 0x64, 0x52, 466 0xc8, 0x10, 0xf3, 0x2b, 467 0x80, 0x90, 0x79, 0xe5, 468 0x62, 0xf8, 0xea, 0xd2, 469 0x52, 0x2c, 0x6b, 0x7b}; */ 470 471 /* 256 bits */ 472 /* uint8_t key[] = { 473 0x60, 0x3d, 0xeb, 0x10, 474 0x15, 0xca, 0x71, 0xbe, 475 0x2b, 0x73, 0xae, 0xf0, 476 0x85, 0x7d, 0x77, 0x81, 477 0x1f, 0x35, 0x2c, 0x07, 478 0x3b, 0x61, 0x08, 0xd7, 479 0x2d, 0x98, 0x10, 0xa3, 480 0x09, 0x14, 0xdf, 0xf4}; 481 */ 482 483 /* uint8_t in[] = { 484 0x32, 0x43, 0xf6, 0xa8, 485 0x88, 0x5a, 0x30, 0x8d, 486 0x31, 0x31, 0x98, 0xa2, 487 0xe0, 0x37, 0x07, 0x34}; // 128 488 */ 489 490 /* 491 * Appendix C - Example Vectors 492 */ 493 494 /* 128 bit key */ 495 /* uint8_t key[] = { 496 0x00, 0x01, 0x02, 0x03, 497 0x04, 0x05, 0x06, 0x07, 498 0x08, 0x09, 0x0a, 0x0b, 499 0x0c, 0x0d, 0x0e, 0x0f}; */ 500 501 /* 192 bit key */ 502 /* uint8_t key[] = { 503 0x00, 0x01, 0x02, 0x03, 504 0x04, 0x05, 0x06, 0x07, 505 0x08, 0x09, 0x0a, 0x0b, 506 0x0c, 0x0d, 0x0e, 0x0f, 507 0x10, 0x11, 0x12, 0x13, 508 0x14, 0x15, 0x16, 0x17}; */ 509 510 /* 256 bit key */ 511 uint8_t key[] = { 512 0x00, 0x01, 0x02, 0x03, 513 0x04, 0x05, 0x06, 0x07, 514 0x08, 0x09, 0x0a, 0x0b, 515 0x0c, 0x0d, 0x0e, 0x0f, 516 0x10, 0x11, 0x12, 0x13, 517 0x14, 0x15, 0x16, 0x17, 518 0x18, 0x19, 0x1a, 0x1b, 519 0x1c, 0x1d, 0x1e, 0x1f}; 520 521 uint8_t in[] = { 522 0x00, 0x11, 0x22, 0x33, 523 0x44, 0x55, 0x66, 0x77, 524 0x88, 0x99, 0xaa, 0xbb, 525 0xcc, 0xdd, 0xee, 0xff}; 526 527 uint8_t out[16]; // 128 528 529 uint8_t *w; // expanded key 530 531 switch (sizeof(key)) { 532 default: 533 case 16: Nk = 4; Nr = 10; break; 534 case 24: Nk = 6; Nr = 12; break; 535 case 32: Nk = 8; Nr = 14; break; 536 } 537 538 w = malloc(Nb*(Nr+1)*4); 539 540 key_expansion(key, w); 541 542 cipher(in /* in */, out /* out */, w /* expanded key */); 543 544 printf("out:\n"); 545 546 for (i = 0; i < 4; i++) { 547 printf("%x %x %x %x ", out[4*i+0], out[4*i+1], out[4*i+2], out[4*i+3]); 548 } 549 550 printf("\n"); 551 552 inv_cipher(out, in, w); 553 554 printf("msg:\n"); 555 for (i = 0; i < 4; i++) { 556 printf("%x %x %x %x ", in[4*i+0], in[4*i+1], in[4*i+2], in[4*i+3]); 557 } 558 559 printf("\n"); 560 561 exit(0); 562 563 }
https://github.com/dhuertas/AES/blob/master/aes.c
參考自: