Linux kernel crypto API: in the AES-GCM algorithm, how do I set the AAD length to zero bits?

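Stack Overflow user
Asked 2017-08-31 12:34:27
Answers: 1 | Views: 888 | Follows: 0 | Votes: 0

In my work, I want to use the AES-GCM algorithm to encrypt data in a Linux kernel module, so I chose AEAD. In AES-GCM, the AAD data can be set to 0-264 bits, but in my code, if I use the aead_request_set_ad() function and set the data of the scatterlist structure to NULL, I get an error. AES-GCM algorithm

Here is my code, on Linux kernel 4.10: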

int aes_gcm_decrypt(struct crypto_aead *tfm, u8 *j_0, u8 *aad,
              u8 *data, size_t data_len, u8 *mic)
{
    struct scatterlist sg[3];
    struct aead_request *aead_req;
    int reqsize = sizeof(*aead_req) + crypto_aead_reqsize(tfm);
    int err;

    if (data_len == 0)
        return -EINVAL;

    aead_req = kzalloc(reqsize + GCM_AAD_LEN, GFP_ATOMIC);
    if (!aead_req)
        return -ENOMEM;

    sg_init_table(sg, 3);
    sg_set_buf(&sg[0], aad, 0);
    sg_set_buf(&sg[1], data, data_len);
    sg_set_buf(&sg[2], mic, 16);

    aead_request_set_tfm(aead_req, tfm);
    aead_request_set_crypt(aead_req, sg, sg,
               data_len + 16, j_0);
    aead_request_set_ad(aead_req, sg[0].length);

    err = crypto_aead_decrypt(aead_req);
    kzfree(aead_req);

    return err;
}

If I use sg_set_page(&sg, ZERO_PAGE(0), 0, 0) to set the sg, that is also an error.

If I remove the sg, that is also an error.

The comment on the aead_request_set_crypt function reads as follows:

/**
 * aead_request_set_crypt - set data buffers
 * @req: request handle
 * @src: source scatter / gather list
 * @dst: destination scatter / gather list
 * @cryptlen: number of bytes to process from @src
 * @iv: IV for the cipher operation which must comply with the IV size defined
 *      by crypto_aead_ivsize()
 *
 * Setting the source data and destination data scatter / gather lists which
 * hold the associated data concatenated with the plaintext or ciphertext. See
 * below for the authentication tag.
 *
 * For encryption, the source is treated as the plaintext and the
 * destination is the ciphertext. For a decryption operation, the use is
 * reversed - the source is the ciphertext and the destination is the plaintext.
 *
 * The memory structure for cipher operation has the following structure:
 *
 * - AEAD encryption input:  assoc data || plaintext
 * - AEAD encryption output: assoc data || cipherntext || auth tag
 * - AEAD decryption input:  assoc data || ciphertext || auth tag
 * - AEAD decryption output: assoc data || plaintext
 *
 * Albeit the kernel requires the presence of the AAD buffer, however,
 * the kernel does not fill the AAD buffer in the output case. If the
 * caller wants to have that data buffer filled, the caller must either
 * use an in-place cipher operation (i.e. same memory location for
 * input/output memory location).
 */

The assoc data must be present, so how do I set its length to 0?

1 Answer

Stack Overflow user

Posted 2017-09-01 10:36:38

I have solved this problem myself, just like this:

struct scatterlist sg[2];
...
sg_set_buf(&sg[0], data, data_len);
sg_set_buf(&sg[1], mic, 16);
...
aead_request_set_ad(aead_req, 0);

Just define two scatterlist structures, and set the AD to zero.

Votes: 0
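An added example, not part of the original question or answer: the same zero-AAD case driven from user space through AF_ALG, the socket interface to the kernel crypto API, where a zero ALG_SET_AEAD_ASSOCLEN plays the role of aead_request_set_ad(aead_req, 0) and the data stream starts directly with the plaintext. The function name gcm_encrypt_no_aad and its return codes are illustrative assumptions; sizes are fixed for AES-128-GCM with a 96-bit IV and a 16-byte tag.

```c
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <linux/if_alg.h>
#ifndef SOL_ALG
#define SOL_ALG 279   /* value from linux/socket.h, for older libc headers */
#endif

/* AES-128-GCM encrypt with zero bytes of AAD; out = ciphertext || 16-byte tag.
 * Returns 0 on success, -1 if AF_ALG setup fails, -2 if the data path fails. */
int gcm_encrypt_no_aad(const unsigned char *key, const unsigned char *iv,
                       const unsigned char *pt, size_t len, unsigned char *out)
{
    struct sockaddr_alg sa = { .salg_family = AF_ALG, .salg_type = "aead",
                               .salg_name = "gcm(aes)" };
    union { struct cmsghdr align;
            char buf[CMSG_SPACE(4) + CMSG_SPACE(4 + 12) + CMSG_SPACE(4)]; } ctl;
    struct iovec iov = { (void *)pt, len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof(ctl.buf) };
    struct cmsghdr *c;
    struct af_alg_iv *aiv;
    int op = -1, ret = -1, tfm = socket(AF_ALG, SOCK_SEQPACKET, 0);

    if (tfm < 0) return -1;
    if (bind(tfm, (struct sockaddr *)&sa, sizeof(sa)) < 0 ||
        setsockopt(tfm, SOL_ALG, ALG_SET_KEY, key, 16) < 0 ||
        setsockopt(tfm, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL, 16) < 0 ||
        (op = accept(tfm, NULL, 0)) < 0) goto out;
    memset(&ctl, 0, sizeof(ctl));
    c = CMSG_FIRSTHDR(&msg);                    /* operation: encrypt */
    c->cmsg_level = SOL_ALG; c->cmsg_type = ALG_SET_OP; c->cmsg_len = CMSG_LEN(4);
    *(unsigned int *)CMSG_DATA(c) = ALG_OP_ENCRYPT;
    c = CMSG_NXTHDR(&msg, c);                   /* 12-byte IV */
    c->cmsg_level = SOL_ALG; c->cmsg_type = ALG_SET_IV; c->cmsg_len = CMSG_LEN(4 + 12);
    aiv = (struct af_alg_iv *)CMSG_DATA(c);
    aiv->ivlen = 12;
    memcpy(aiv->iv, iv, 12);
    c = CMSG_NXTHDR(&msg, c);                   /* AAD length: zero */
    c->cmsg_level = SOL_ALG; c->cmsg_type = ALG_SET_AEAD_ASSOCLEN; c->cmsg_len = CMSG_LEN(4);
    *(unsigned int *)CMSG_DATA(c) = 0;
    /* With assoclen 0 there is no AAD segment: the input is the plaintext alone. */
    ret = (sendmsg(op, &msg, 0) == (ssize_t)len &&
           read(op, out, len + 16) == (ssize_t)(len + 16)) ? 0 : -2;
out:
    if (op >= 0) close(op);
    close(tfm);
    return ret;
}
```

A quick known-answer check is Test Case 2 of the McGrew-Viega GCM specification (all-zero key, IV and 16-byte plaintext, no AAD), whose tag is only reproduced when the AAD length really is zero.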
Original page content provided by Stack Overflow. Translation support provided by the Tencent Cloud Xiaowei IT-domain engine.
Original link:

https://stackoverflow.com/questions/45981580
