具有BIO API的OpenSSL EVP_aes_128_gcm
[英]OpenSSL EVP_aes_128_gcm with BIO API
问题描述
I'm trying to use OpenSSL's BIO interfaces with the AES GCM 128 bit encryption mode. 
我正在尝试将OpenSSL的BIO接口与AES GCM 128位加密模式一起使用。 I'm almost directly copying an example from a book (Network Security with OpenSSL example 4.8) and just changing the encryption mode to aes_128_gcm, but things don't work (an empty file is written). 我几乎是直接从书中复制一个示例(带有OpenSSL的4.8版网络安全性),并且只是将加密模式更改为aes_128_gcm,但是事情不起作用(写入了一个空文件)。 Since I'm new to OpenSSL I'm probably doing something silly. 由于我是OpenSSL的新手,所以我可能在做一些愚蠢的事情。 Can you please tell me what's wrong in the snippet below: 您能否告诉我下面的代码段出了什么问题:
int main()
{
OpenSSL_add_all_algorithms();
char *msg = "hello";
return write_data("hello.out", msg, strlen(msg), "1234567890123456");
}
int write_data(const char *filename, char *out, int len, unsigned char *key)
{
int total, written;
BIO *cipher, *b64, *buffer, *file;
file = BIO_new_file(filename, "w");
buffer = BIO_new(BIO_f_buffer());
b64 = BIO_new(BIO_f_base64());
cipher = BIO_new(BIO_f_cipher());
BIO_set_cipher(cipher, EVP_aes_128_gcm(), key, NULL, 1);
BIO_push(cipher, b64);
BIO_push(b64, buffer);
BIO_push(buffer, file);
for (total = 0; total < len; total += written)
{
if ((written = BIO_write(cipher, out + total, len - total)) <= 0)
{
if (BIO_should_retry(cipher))
{
written = 0;
continue;
}
break;
}
}
BIO_flush(cipher);
BIO_free_all(cipher);
}
I've just changed EVP_des_ede3_cbc() from the example to EVP_aes_128_gcm() - and changed the key to be 16 chars. 我刚刚将示例中的EVP_des_ede3_cbc()更改为EVP_aes_128_gcm()-并将密钥更改为16个字符。
1 个解决方案
解决方案1
1 已采纳 2014-11-17 12:01:35
Sorry, I figured this out. 抱歉,我知道了。 I was passing a NULL as IV - which is absolutely required - apparently! 我当时将NULL作为IV传递-这是绝对必要的-显然!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.