intel / cryptography-primitives


something wrong with AES OFB #20

Closed DaiJiaKang closed 4 years ago

DaiJiaKang commented 4 years ago

Can you give me an example code for the AES OFB API? I don't understand the parameter ofbBlkSize. The AES OFB API is:

```cpp
IppStatus ippsAESEncryptOFB (const Ipp8u* pSrc, Ipp8u* pDst, int srclen, int ofbBlkSize, const IppsAESSpec* pCtx, Ipp8u* pIV);
IppStatus ippsAESDecryptOFB (const Ipp8u* pSrc, Ipp8u* pDst, int srclen, int ofbBlkSize, const IppsAESSpec* pCtx, Ipp8u* pIV);
```

I use it but I get wrong output; I can't get my plaintext by calling ippsAESEncryptOFB & ippsAESDecryptOFB, so help me please.

skirillo commented 4 years ago

The ofbBlkSize parameter came from the old (DES) standard. See FIPS PUB 81 for details. It implied the division of the message being processed into units of OFB size each (which may not be equal to the cipher block size). The modern interpretation of OFB uses ofbBlkSize == cipher_block_size (i.e. ==16 in the case of AES), see NIST SP800-38A.

See a simple sample using aes-ofb16:

```cpp
#include <stdio.h>
#include <string.h>

#include "ippcp.h"

int main(void)
{
   // all data below are from NIST SP800-38A, F.4 OFB Example Vectors
   Ipp8u key[] = "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c";
   Ipp8u iv0[] = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f";

   Ipp8u kat_ptxt[] = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
                      "\xae\x2d\x8a\x57\x1e\x03\xac\x9c\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
                      "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
                      "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17\xad\x2b\x41\x7b\xe6\x6c\x37\x10";
   Ipp8u kat_ctxt[] = "\x3b\x3f\xd9\x2e\xb7\x2d\xad\x20\x33\x34\x49\xf8\xe8\x3c\xfb\x4a"
                      "\x77\x89\x50\x8d\x16\x91\x8f\x03\xf5\x3c\x52\xda\xc5\x4e\xd8\x25"
                      "\x97\x40\x05\x1e\x9c\x5f\xec\xf6\x43\x44\xf7\xa8\x22\x60\xed\xcc"
                      "\x30\x4c\x65\x28\xf6\x59\xc7\x78\x66\xa5\x10\xd9\xc1\xd6\xae\x5e";

   // allocate and initialise the AES context;
   // sizeof(...)-1 drops the trailing NUL of the string literals
   int ctxSize;
   ippsAESGetSize(&ctxSize);
   IppsAESSpec* aes = (IppsAESSpec*)( new Ipp8u [ctxSize] );
   ippsAESInit(key, sizeof(key)-1, aes, ctxSize);

   Ipp8u ptxt[16*4];
   Ipp8u ctxt[16*4];
   Ipp8u iv[16];
   int rep;

   // aes-ofb16-enc (ofbBlkSize=16)
   printf("ippsAESEncryptOFB(16) ");
   memcpy(iv, iv0, sizeof(iv0)-1);   // working copy: the call updates iv
   ippsAESEncryptOFB(kat_ptxt, ctxt, sizeof(kat_ptxt)-1, 16, aes, iv);
   // compare ctxt and kat_ctxt
   rep = 0==memcmp(kat_ctxt, ctxt, sizeof(kat_ctxt)-1);
   if(rep) printf("passed\n");
   else printf("failed\n");

   // aes-ofb16-dec (ofbBlkSize=16)
   printf("ippsAESDecryptOFB(16) ");
   memcpy(iv, iv0, sizeof(iv0)-1);   // restore the starting IV before decrypting
   ippsAESDecryptOFB(kat_ctxt, ptxt, sizeof(kat_ctxt)-1, 16, aes, iv);
   // compare ptxt and kat_ptxt
   rep = 0==memcmp(kat_ptxt, ptxt, sizeof(kat_ptxt)-1);
   if(rep) printf("passed\n");
   else printf("failed\n");

   delete [] (Ipp8u*)aes;
   return 0;
}
```

I don't know what was wrong on your side, but let me note that the IV value does not have a const qualifier (the sample copied iv0 => iv and the enc/dec primitive uses iv exactly).

DaiJiaKang commented 4 years ago

Thank you, I figured out my mistake. The IV is changed by calling enc; I should use the original IV. @skirillo
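The IV behaviour discussed in this thread, as an added example that is not part of the original posts and is not Intel's code: a self-contained OFB routine with the same in/out IV convention, using a constructed stand-in block function instead of AES so it builds without ippcp. The names `toy_block`, `ofb_crypt` and `roundtrip` are hypothetical, and the handling of a feedback unit smaller than 16 bytes follows a reading of FIPS PUB 81, which is an assumption about the mode and not a statement about the library's internals.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define BLK 16 /* cipher block size in bytes, as for AES */

/* Constructed stand-in for the block cipher's forward function (NOT AES, not
   secure). OFB only uses the forward direction, so it is enough to show the mode. */
static void toy_block(const uint8_t key[BLK], const uint8_t in[BLK], uint8_t out[BLK]) {
    uint8_t acc = 0x5a;
    memcpy(out, in, BLK);
    for (int r = 0; r < 4; r++)
        for (int i = 0; i < BLK; i++)
            out[i] = acc = (uint8_t)((acc ^ out[i] ^ key[(i + r) % BLK]) * 167u + 13u);
}

/* OFB with a feedback unit of ofb_blk bytes (1..BLK), FIPS PUB 81 style.
   iv is in/out: each unit shifts it left and appends the keystream just used,
   so on return the caller's buffer no longer holds the starting IV. */
static int ofb_crypt(const uint8_t *src, uint8_t *dst, size_t len, int ofb_blk,
                     const uint8_t key[BLK], uint8_t iv[BLK]) {
    uint8_t ks[BLK];
    if (ofb_blk < 1 || ofb_blk > BLK || len % (size_t)ofb_blk) return -1;
    for (size_t off = 0; off < len; off += (size_t)ofb_blk) {
        toy_block(key, iv, ks);
        for (int i = 0; i < ofb_blk; i++) dst[off + i] = src[off + i] ^ ks[i];
        memmove(iv, iv + ofb_blk, (size_t)(BLK - ofb_blk)); /* shift left */
        memcpy(iv + BLK - ofb_blk, ks, (size_t)ofb_blk);    /* feed back */
    }
    return 0;
}

/* Encrypt then decrypt 32 constructed bytes. Returns 1 if the plaintext comes
   back, 0 if not, -1 on a length error. reset_iv=0 reuses the updated buffer. */
static int roundtrip(int ofb_blk, int reset_iv) {
    static const uint8_t key[BLK] = "constructed key"; /* 15 chars + NUL */
    static const uint8_t iv0[BLK] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15};
    uint8_t msg[32], ct[32], pt[32], iv[BLK];
    for (int i = 0; i < 32; i++) msg[i] = (uint8_t)(i * 7 + 1);
    memcpy(iv, iv0, BLK);
    if (ofb_crypt(msg, ct, sizeof msg, ofb_blk, key, iv)) return -1;
    if (reset_iv) memcpy(iv, iv0, BLK); /* restore the starting IV before decrypting */
    if (ofb_crypt(ct, pt, sizeof ct, ofb_blk, key, iv)) return -1;
    return memcmp(pt, msg, sizeof msg) == 0;
}

int main(void) {
    printf("ofb16 reset=%d stale=%d\n", roundtrip(16, 1), roundtrip(16, 0));
    printf("ofb8  reset=%d stale=%d\n", roundtrip(8, 1), roundtrip(8, 0));
    return 0;
}
```

Decrypting with the buffer left over from encryption fails for both unit sizes; restoring the starting IV first recovers the plaintext.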