DRBG_InstantiateSeeded-DfStart-DRBG_ENCRYPT_SETUP
rd_key 0x3b +1 0x3c = 60
60个int = 240字节
rounds 是 0e = 14
初始密钥值:
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
#define DRBG_ENCRYPT_SETUP(key, keySizeInBits, schedule) \
TpmCryptSetEncryptKeyAES(key, keySizeInBits, schedule)
/* B.2.2.3.3. Links to the OpenSSL AES code */
/* Macros to set up the encryption/decryption key schedules */
#define TpmCryptSetEncryptKeyAES(key, keySizeInBits, schedule) \
AES_set_encrypt_key((key), (keySizeInBits), (tpmKeyScheduleAES *)(schedule))
// Table 1:17 - Defines for AES Symmetric Cipher Algorithm Constants
#define AES_KEY_SIZES_BITS \
(128 * AES_128), (192 * AES_192), (256 * AES_256)
#if AES_256
# define AES_MAX_KEY_SIZE_BITS 256
#elif AES_192
# define AES_MAX_KEY_SIZE_BITS 192
#elif AES_128
# define AES_MAX_KEY_SIZE_BITS 128
#else
# define AES_MAX_KEY_SIZE_BITS 0
#define tpmKeyScheduleAES AES_KEY
32字节的key
初始密钥值:
000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
/* Macros to alias encryption calls to specific algorithms. This should be used
sparingly. Currently, only used by CryptSym.c and CryptRand.c */
/* When using these calls, to call the AES block encryption code, the caller should use:
TpmCryptEncryptAES(SWIZZLE(keySchedule, in, out)); */
#define TpmCryptEncryptAES AES_encrypt
#define TpmCryptDecryptAES AES_decrypt
#define tpmKeyScheduleAES AES_KEY
AES_encrypt(3) - OpenBSD manual pages
AES_KEY is a structure that can hold up to 60 int values and a number of rounds.
AES_set_encrypt_key() expands the userKey, which is bits long, into the key structure to prepare for encryption. The number of bits and bytes read from userKey, the number of int values stored into key, and the number of rounds are as follows:
| bits | bytes | ints | rounds |
| 128 | 16 | 44 | 10 |
| 192 | 24 | 52 | 12 |
| 256 | 32 | 60 | 14 |
AES_KEY 是一个结构,最多可以容纳 60 个 int 值和多个轮次。
AES_set_encrypt_key()将多位的userKey展开成密钥结构,为加密做准备。 从userKey读取的bits和bytes个数,存入key的int值个数,轮数如下:
位字节整数轮
128 16 44 10
192 24 52 12
256 32 60 14 14轮
AES_set_decrypt_key() does the same, but in preparation for decryption.
AES_encrypt() reads a single 16 byte block from *in, encrypts it with the key, and writes the 16 resulting bytes to *out. The 16 byte buffers starting at in and out can overlap, and in and out can even point to the same memory location.
AES_decrypt() decrypts a single block and is otherwise identical to AES_encrypt().
If enc is non-zero, AES_cbc_encrypt() encrypts len bytes at in to out using the 128 bit key and the 128 bit initialization vector ivec in CBC mode. If enc is 0, AES_cbc_encrypt() performs the corresponding decryption.
AES_set_decrypt_key() 做同样的事情,但准备解密。
AES_encrypt() 从 *in 中读取单个 16 字节块,使用密钥对其进行加密,并将 16 个结果字节写入 *out。 从 in 和 out 开始的 16 字节缓冲区可以重叠,in 和 out 甚至可以指向相同的内存位置。
AES_decrypt() 解密单个块,其他方面与 AES_encrypt() 相同。
如果 enc 不为零,AES_cbc_encrypt() 在 CBC 模式下使用 128 位密钥和 128 位初始化向量 ivec 加密从 in 到 out 的 len 个字节。 如果 enc 为 0,则 AES_cbc_encrypt() 执行相应的解密。
OpenSSL AES 加密 与 java 对齐需要注意的几点_恋恋西风的博客-CSDN博客
以下接口来自“crypto/aes/aes.h”,有openssl源码。
//设置加密和解密器
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
下面这个文件可以看出, AES_encrypt 就是ecb加密的方式。而AES_set_encrypt_key和 AES_encrypt,它们的实现在"crypto/aes/aes_x86core.c"和 "crypto/aes/aes_core.c",也就是有两个版本,根据平台选择。看源码。
DfStart 调用到了 openssl中的 AES_set_encrypt_key
DfUpdate 、 DfEnd 调用到了 openssl中的 AES_encrypt
开源java实现:
GitHub - GreateLi/openssl_aes_windows: openssl aes windows JAVA AES/CBC/PKCS5Padding ; C++ AES_CBC_PKCS5Padding