<!DOCTYPE html>
|
|
|
|
|
<html class="writer-html5" lang="zh" >
|
|
|
|
|
<head>
|
|
|
|
|
<meta charset="utf-8">
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<title>AES-GCM — BL602 IoT SDK release_bl_iot_sdk_1.6.11-1-g66bb28da 文档</title>
|
|
|
|
|
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<link rel="stylesheet" href="../../_static/css/theme.css" type="text/css" />
|
|
|
|
|
<link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
|
|
|
|
|
<link rel="stylesheet" href="../../_static/style.css" type="text/css" />
|
|
|
|
|
<link rel="stylesheet" href="../../_static/css/custom.css" type="text/css" />
<!--[if lt IE 9]>
|
|
|
|
|
<script src="../../_static/js/html5shiv.min.js"></script>
|
|
|
|
|
<![endif]-->
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
|
|
|
|
|
<script src="../../_static/jquery.js"></script>
|
|
|
|
|
<script src="../../_static/underscore.js"></script>
|
|
|
|
|
<script src="../../_static/doctools.js"></script>
|
|
|
|
|
<script src="../../_static/language_data.js"></script>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<script type="text/javascript" src="../../_static/js/theme.js"></script>
|
|
|
|
|
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<link rel="index" title="索引" href="../../genindex.html" />
|
2020-11-08 19:32:47 +00:00
|
|
|
|
<link rel="search" title="搜索" href="../../search.html" />
|
2020-10-26 12:43:20 +00:00
|
|
|
|
</head>
|
|
|
|
|
|
|
|
|
|
<body class="wy-body-for-nav">
|
|
|
|
|
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<div class="wy-grid-for-nav">
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<div class="wy-nav-content">
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<div class="rst-content">
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
|
|
|
|
|
<div itemprop="articleBody">
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<div class="section" id="aes-gcm">
|
|
|
|
|
<span id="aes-gcm-index"></span><h1>AES-GCM<a class="headerlink" href="#aes-gcm" title="永久链接至标题">¶</a></h1>
|
|
|
|
|
<div class="section" id="id1">
|
|
|
|
|
<h2>总览<a class="headerlink" href="#id1" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<p>AES是一种对称加密算法,它的相关概念在此不赘述,本文档主要介绍AES-GCM的原理和实现。</p>
|
|
|
|
|
<p>GCM ( Galois/Counter Mode) 指的是该对称加密采用Counter模式,并带有GMAC消息认证码。
|
|
|
|
|
在详细介绍AES-GCM之前,我们先了解一些相关概念。</p>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="section" id="ctr-counter">
|
|
|
|
|
<h2>CTR(CounTeR)<a class="headerlink" href="#ctr-counter" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><p>在CTR模式下,我们对一个逐次累加的计数器进行加密,用加密后的比特序列与明文分组进行异或得到密文。过程如下图:</p>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><div class="figure align-default">
|
|
|
|
|
<img alt="" src="../../_images/image12.png" />
|
|
|
|
|
</div>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
<p>其中, IV为初始化向量,Ek表示使用密钥k进行的ECB分组加密,PT表示输入的明文,CT表示输出的密文。</p>
|
|
|
|
|
<p>在BL602中,我们可以直接使用硬件完成CTR算法,即设置key密钥后,输入IV以及需要加密的明文,硬件会自动完成累加计数加密并输出密文。需要注意,同一密钥下IV不能重复使用,否则会产生相同的密钥流,两段密文异或即可消去密钥流而泄露明文信息。</p>
|
|
|
|
|
<p>CTR模式的优点是:
|
|
|
|
|
1)支持加解密并行计算,可事先进行加解密准备;
|
|
|
|
|
2)错误密文中的对应比特只会影响明文中的对应比特。
|
|
|
|
|
但是它不能提供密文消息完整性校验的功能。</p>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="section" id="mac-message-authentication-code">
|
|
|
|
|
<h2>MAC(Message Authentication Code)<a class="headerlink" href="#mac-message-authentication-code" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<p>想要校验消息的完整性,必须引入另一个概念:消息验证码。消息验证码是一种与密钥相关的单向散列函数,过程如下图所示:</p>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><div class="figure align-default">
|
|
|
|
|
<img alt="" src="../../_images/image21.png" />
|
|
|
|
|
</div>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
<p>密文的收发双方需要提前共享一个密钥。密文发送者将密文的MAC值随密文一起发送,密文接收者通过共享密钥计算收到密文的MAC值,并与随密文收到的MAC值进行比较,
|
|
|
|
|
这样就可以对收到的密文做完整性校验。当篡改者篡改密文后,由于没有共享密钥,就无法计算出篡改后的密文的MAC值。</p>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="section" id="gmac-galois-message-authentication-code-mode">
|
|
|
|
|
<h2>GMAC(Galois message authentication code mode)<a class="headerlink" href="#gmac-galois-message-authentication-code-mode" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<p>对应到上图中的消息认证码,GMAC就是利用伽罗华域(Galois Field,GF,有限域)乘法运算来计算消息的MAC值。
|
|
|
|
|
假设密钥长度为128bits, 当密文大于128bits时,需要将密文按128bits进行分组。应用流程如下图:</p>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><div class="figure align-default">
|
|
|
|
|
<img alt="" src="../../_images/image3.png" />
|
|
|
|
|
</div>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
<p>其中,msg为需要验证的消息,Mh表示在有限域上做乘法运算,MAC即为生成的验证码。</p>
|
|
|
|
|
<p>在BL602中,我们可以直接使用硬件完成GMAC验证。</p>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="section" id="gcm-galois-counter-mode">
|
|
|
|
|
<h2>GCM( Galois/Counter Mode )<a class="headerlink" href="#gcm-galois-counter-mode" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<p>GCM中的G就是指GMAC,C就是指CTR。于是将CTR算法加上GMAC验证就是AES-GCM模式了:加密方输出密文和认证标签,解密方应先校验认证标签,校验失败时不得使用解密结果。过程如下图所示:</p>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><div class="figure align-default">
|
|
|
|
|
<img alt="" src="../../_images/image4.png" />
|
|
|
|
|
</div>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
</div>
|
|
|
|
|
<div class="section" id="id2">
|
|
|
|
|
<h2>具体实现<a class="headerlink" href="#id2" title="永久链接至标题">¶</a></h2>
|
|
|
|
|
<p>具体代码实现大体如下图所示:</p>
|
|
|
|
|
<blockquote>
|
|
|
|
|
<div><div class="figure align-default">
|
|
|
|
|
<img alt="" src="../../_images/image5.png" />
|
|
|
|
|
</div>
|
|
|
|
|
</div></blockquote>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
</div>
</div>
|
|
|
|
|
<footer>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
|
|
|
|
|
<hr/>
|
|
|
|
|
|
|
|
|
|
<div role="contentinfo">
|
|
|
|
|
<p>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
© 版权所有 2020, Bouffalo Lab
|
|
|
|
|
|
|
|
|
|
</p>
|
|
|
|
|
</div>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
利用 <a href="http://sphinx-doc.org/">Sphinx</a> 构建,使用了
|
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
<a href="https://github.com/rtfd/sphinx_rtd_theme">主题</a>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
|
|
|
|
由 <a href="https://readthedocs.org">Read the Docs</a>开发.
|
2020-10-26 12:43:20 +00:00
|
|
|
|
|
|
|
|
|
</footer>
|
|
|
|
|
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
|
|
|
|
|
</section>
|
|
|
|
|
|
|
|
|
|
</div>
|
2020-11-08 19:32:47 +00:00
|
|
|
|
|
2020-10-26 12:43:20 +00:00
|
|
|
|
|
|
|
|
|
<script type="text/javascript">
|
|
|
|
|
jQuery(function () {
|
|
|
|
|
SphinxRtdTheme.Navigation.enable(true);
|
|
|
|
|
});
|
|
|
|
|
</script>
</body>
|
|
|
|
|
</html>
|