[英]aes-256-cbc encryption/decryption keys don't work
我做了一個簡單的文件加密器/解密器。 它使用模式和文件作為參數進行操作。 加密時,它將生成隨機字符串並使用該字符串加密文件。 解密文件時,它會提示用戶輸入密碼,並在解密時使用該密碼。
我的問題是,即使我小心地將相同的密鑰寫入輸入,解密時也會得到亂碼而不是純文本。
我跟蹤問題的原因是密碼,因為當我使用固定密碼時,一切都可以正常工作
unsigned char constkey[] = "asd123";
並用於加密和解密。
是什么讓我的鑰匙與眾不同?
非常感謝James K Polk的加密/解密代碼!
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <openssl/evp.h>
#include <openssl/aes.h>
#include <time.h>
#include <errno.h>
#ifndef TRUE
#define TRUE 1
#endif
#ifndef FALSE
#define FALSE 0
#endif
/* Encrypt or decrypt, depending on flag 'should_encrypt' */
void en_de_crypt(int should_encrypt, FILE *ifp, FILE *ofp, unsigned char *ckey, unsigned char *ivec) {
const unsigned BUFSIZE=4096;
unsigned char *read_buf = malloc(BUFSIZE);
unsigned char *cipher_buf;
unsigned blocksize;
int out_len;
EVP_CIPHER_CTX ctx;
EVP_CipherInit(&ctx, EVP_aes_256_cbc(), ckey, ivec, should_encrypt);
blocksize = EVP_CIPHER_CTX_block_size(&ctx);
cipher_buf = malloc(BUFSIZE + blocksize);
while (1) {
// Read in data in blocks until EOF. Update the ciphering with each read.
int numRead = fread(read_buf, sizeof(unsigned char), BUFSIZE, ifp);
EVP_CipherUpdate(&ctx, cipher_buf, &out_len, read_buf, numRead);
fwrite(cipher_buf, sizeof(unsigned char), out_len, ofp);
if (numRead < BUFSIZE) { // EOF
break;
}
}
// Now cipher the final block and write it out.
EVP_CipherFinal(&ctx, cipher_buf, &out_len);
fwrite(cipher_buf, sizeof(unsigned char), out_len, ofp);
// Free memory
free(cipher_buf);
free(read_buf);
}
int rand_string(char *str, size_t size)
{
size_t n;
const char charset[] = "ABCDEFGHIJKLMNOPQRSTUWVXYZO1234567890";
for (n = 0; n < size; n++) {
int key = rand() % (int) (sizeof charset - 1);
str[n] = charset[key];
}
str[size] = '\0';
return 0;
}
void copyfile(FILE* from, FILE* to)
{
fseek(from, 0, SEEK_END);
long filesize = ftell(from);
fseek(from, 0, SEEK_SET);
char b[2];
long a;
for(a=0; a<filesize; a++)
{
fread(b, 1, 1, from);
fwrite(b, 1, 1, to);
}
}
int main(int argc, char *argv[]) {
if (argc != 3) { printf("usage: %s mode file\n", argv[0]); return 0; }
unsigned char ivec[] = "dontusethisinput";
FILE *fIN, *fOUT;
if (!strcmp(argv[1],"e"))
{
srand(time(NULL)); /* seed random */
char passkey[6];
rand_string(passkey,5); /* generate random password */
if((fIN = fopen(argv[2], "rb")) == NULL){ printf("ERROR: %s\n", strerror(errno)); return 0; }
fOUT = fopen("tempfile", "wb+");
en_de_crypt(TRUE, fIN, fOUT, (unsigned char*)passkey, ivec); /* encrypt the file */
fclose(fIN);
fclose(fOUT);
if((fIN = fopen(argv[2], "wb+")) == NULL){ printf("ERROR: %s\n", strerror(errno)); return 0; }
fOUT = fopen("tempfile", "rb");
copyfile(fOUT, fIN); /* replace the file with encrypted one */
fclose(fIN);
fclose(fOUT);
printf("file encrypted with key [%s]\n", passkey);
}
else if(!strcmp(argv[1],"d"))
{
char key[6];
printf("Password: ");
fgets(key, 6, stdin); /* prompt for the key */
key[5] = '\0';
if((fIN = fopen(argv[2], "rb")) == NULL){ printf("ERROR: %s\n", strerror(errno)); return 0; }
fOUT = fopen("tempfile", "wb+");
en_de_crypt(FALSE, fIN, fOUT, (unsigned char*)key, ivec); /* decrypt the file */
fclose(fIN);
fclose(fOUT);
if((fIN = fopen(argv[2], "wb+")) == NULL){ printf("ERROR: %s\n", strerror(errno)); return 0; }
fOUT = fopen("tempfile", "rb");
copyfile(fOUT, fIN); /* replace the file with decrypted one */
fclose(fIN);
fclose(fOUT);
printf("file decrypted with key [%s]\n",key);
}
else { printf("invalid mode\n"); return 0; }
remove("tempfile");
return 0;
}
我跟蹤問題的原因是密碼,因為當我使用固定密碼時,一切都可以正常工作
unsigned char constkey[] = "asd123";並用於加密和解密。
AES不使用它使用(二進制)密鑰的密碼。 對於AES-256 ,它期望一個256位長的密鑰。 由於OpenSSL將您的constkey視為256位密鑰,它將讀取超出您提供的值的密鑰,並最終在密鑰末尾提供一些隨機數據(如果您幸運地避免了任何訪問沖突)。
如果您在同一程序中執行此操作,則在加密和解密時,密鑰中都將最終獲得相同的隨機數據-一切似乎都很好。
嘗試使用正確的密鑰長度。
Erlang中的AES-256 / CBC加密和C中的解密不起作用
[英]AES-256 / CBC encryption in Erlang & decryption in C not working
在Android中使用OpenSSL的AES-256 CBC加密/解密字符串
[英]AES-256 CBC Encryption/Decryption string using OpenSSL in Android
AES(aes-cbc-128、aes-cbc-192、aes-cbc-256)加密/解密,無需 openssl C
[英]AES (aes-cbc-128, aes-cbc-192, aes-cbc-256) encryption/decryption WITHOUT openssl C
使用openssl C進行AES(aes-cbc-128,aes-cbc-192,aes-cbc-256)加密/解密
[英]AES (aes-cbc-128, aes-cbc-192, aes-cbc-256) encryption/decryption with openssl C
使用libgcrypt使用aes256-cbc在C中加密和解密文件的問題
[英]issue with encryption and decryption of a file in C with aes256-cbc using libgcrypt
為什么使用EVP進行加密/解密時aes_128_cbc()可以工作,而aes_128_gcm()卻不起作用?
[英]Why does aes_128_cbc() work but not aes_128_gcm() for encryption/decryption using EVP?
openssl C和android之間的跨平台AES / CBC加密解密
[英]Cross platform AES/CBC encryption decryption between openssl C and android
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.