OpenSSL对称加密算法中怎么样添加新算法if(n != 0)
for(i=n; i<8;> buf[i] = iv[i];
while(l--)
{
if(n == 0)
{
encrypt(iv, buf, key, &len);
for(i=0; i<8;> iv[i] = buf[i];
}
*(out++) = *(in++) ^ buf[n];
n = (n+1)&0x07; /* n=(n+1)%0x08*/
/* iv加密输出结果作魏下一次iv, iv与in异或运算的结果作为ofb加密输出 */
}
*num = n;/*store current processing position as entry of next encryption*/
i = n = 0;
}
三:怎么样在SSL协议中添加新的加密算法!
首先,我们来看相关的全局变量 ssl3_ciphers[],在ssl/s3_lib.c中定义
变量的类型定义如下:
typedef struct ssl_cipher_st
{
int valid;
const char *name; /* text name */
unsigned long id; /* id, 4 bytes, first is version */
unsigned long algorithms; /* what ciphers are used */
unsigned long algo_strength; /* strength and export flags */
unsigned long algorithm2; /* Extra flags */
int strength_bits; /* Number of bits really used */
int alg_bits; /* Number of bits for algorithm */
unsigned long mask; /* used for matching */
unsigned long mask_strength; /* also used for matching */
} SSL_CIPHER;
举例来说明
/* Cipher 03 */
{
1,
SSL3_TXT_RSA_RC4_40_MD5, //字符串,在ssl3.h中定义!
SSL3_CK_RSA_RC4_40_MD5, //整形,在ssl3.h中定义
SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_SSLV3,(在ssl_loal.h中定义)
//密钥交换算法|身份认证算法|加密算法|消息摘要算法|ssl协议版本号
SSL_EXPORT|SSL_EXP40,
0,
40,
128,
SSL_ALL_CIPHERS,
SSL_ALL_STRENGTHS,
},
如果增加了新的加密算法,必须注意定义的所数值是否可用,如果涉及到位与运算,还必须更改相应的掩码!
EVP_CIPHER *ssl_cipher_methods在ssl_ciph中定义,在函数void load_ciphers(void) 中完成对ssl_cipher_methods的初始化工作!
请在这里添加新的加密算法!并且在int ssl_cipher_get_evp(SSL_SESSION *s, const EVP_CIPHER **enc, const EVP_MD **md, SSL_COMP **comp)和static unsigned long ssl_cipher_get_disabled(void)中添加相应的实现算法!
上一篇:Linux下基于路由策略的IP地址控制实例 下一篇:安全多方位 Linux系统守护进程详解 更多相关文章
|
推荐文章
精彩文章
|
