堆棧內存溢出
  簡體   English   中英

openssl 命令加密數據不匹配 EVP_aes_128_cbc C 代碼

[英]openssl command encrypt data does not match EVP_aes_128_cbc C code

 原文  2021-03-01 03:45:37       c++/ c/ encryption/ openssl

問題描述

I tried the following C implementation of Openssl EVP function for AES-128-CBC encryption but the results I am getting are incorrect compared to the command line OpenSSL result.

我在下面的網站上引用了代碼。

https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption

AES-128-CBC的C代碼實現:

#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>

void handleErrors(void)
{
    ERR_print_errors_fp(stderr);
    abort();
}

int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
            unsigned char *iv, unsigned char *ciphertext)
{
    EVP_CIPHER_CTX *ctx;

    int len;
    int ciphertext_len;

    if(!(ctx = EVP_CIPHER_CTX_new()))
        handleErrors();

    if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv))
        handleErrors();

    if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
        handleErrors();
    ciphertext_len = len;

    if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
        handleErrors();
    ciphertext_len += len;

    /* Clean up */
    EVP_CIPHER_CTX_free(ctx);

    return ciphertext_len;
}

int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
            unsigned char *iv, unsigned char *plaintext)
{
    EVP_CIPHER_CTX *ctx;

    int len;
    int plaintext_len;

    /* Create and initialise the context */
    if(!(ctx = EVP_CIPHER_CTX_new()))
        handleErrors();

    if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv))
        handleErrors();

    if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
        handleErrors();
    plaintext_len = len;

    if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
        handleErrors();
    plaintext_len += len;

    /* Clean up */
    EVP_CIPHER_CTX_free(ctx);

    return plaintext_len;
}

int main (void)
{
    /* A 128 bit key */
    unsigned char *key = (unsigned char *)"0123456789012345";

    /* A 128 bit IV */
    unsigned char *iv = (unsigned char *)"0123456789012345";

    /* Message to be encrypted */
    unsigned char *plaintext =
        (unsigned char *)"The quick brown fox jumps over the lazy dog";

    /*
     * Buffer for ciphertext. Ensure the buffer is long enough for the
     * ciphertext which may be longer than the plaintext, depending on the
     * algorithm and mode.
     */
    unsigned char ciphertext[128];

    /* Buffer for the decrypted text */
    unsigned char decryptedtext[128];

    int decryptedtext_len, ciphertext_len;

    /* Encrypt the plaintext */
    ciphertext_len = encrypt (plaintext, strlen ((char *)plaintext), key, iv,
                              ciphertext);

    /* Do something useful with the ciphertext here */
    printf("Ciphertext is:\n");
    BIO_dump_fp (stdout, (const char *)ciphertext, ciphertext_len);

    /* Decrypt the ciphertext */
    decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv,
                                decryptedtext);

    /* Add a NULL terminator. We are expecting printable text */
    decryptedtext[decryptedtext_len] = '\0';

    /* Show the decrypted text */
    printf("Decrypted text is:\n");
    printf("%s\n", decryptedtext);


    return 0;
}

Output:

Ciphertext is:
0000 - 30 89 e6 bc 22 4b d9 5b-85 cf 56 f4 b9 67 11 8a   0..."K.[..V..g..
0010 - aa 47 05 43 0f 25 b6 b4-d9 53 18 8a d1 5d d7 8f   .G.C.%...S...]..
0020 - 38 67 57 7e 7d 58 e1 8c-9c b3 40 64 7c 8b 4f d8   8gW~}X....@d|.O.
Decrypted text is:
The quick brown fox jumps over the lazy dog

OpenSSL 命令行:

printf "The quick brown fox jumps over the lazy dog" | openssl enc -e -aes-128-cbc -K 0123456789012345 -iv 0123456789012345 | xxd

OpenSSL Output:

00000000: 86ec 68f6 1d8f 440b 70e8 e7d2 69dc 5319  ..h...D.p...i.S.
00000010: c023 893a 3451 5a17 5e51 0b69 5e70 b073  .#.:4QZ.^Q.i^p.s
00000020: 7fbe 6f6f e61f dfb0 d32e 36a9 6651 021e  ..oo......6.fQ...

為什么 output 結果不同?

如何修復代碼?

1 個解決方案

解決方案1
 2 已采納  2021-03-01 03:54:05

命令行上傳遞的密鑰和 IV 應格式化為表示密鑰和 IV 字節的十六進制字符串,而不是 ASCII 文本。

所以而不是:

-K 0123456789012345 -iv 0123456789012345

你要:

-K 30313233343536373839303132333435 -iv 30313233343536373839303132333435

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 OpenSSL AES 128 CBC \\ 0崩潰已加密char * AES CBC 128 位加密-OpenSSL OpenSSL AES_cfb128_encrypt C ++ 使用OpenSSL / C ++和PHP / Mcrypt進行AES-128-CBC加密:僅解密第一個塊 用C ++解密文件,用openssl -aes-128-cbc加密 AES_cbc_encrypt是否添加填充? 在mbed微控制器(C ++)上加密AES128-CBC並在Node.js中解密AES128-CBC QT:根據 PHP 代碼在 C++ 中加密/解密 QT QT C ++ - OpenSSL AES - EVP.h 用Java加密(AES),用C ++解密(OpenSSL)
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM