OpenSSL C Cryptopals挑战7
我一直在努力学习OpenSSL C API。我找到了有趣的挑战页面,想尝试一些简单的挑战。我接受了第7次挑战: 在阅读了OpenSSL文档之后,我想做一些编码。我从OpenSSL wiki页面复制粘贴了下面的大部分代码。但不知何故,我无法使这项工作。我试着用谷歌搜索错误,发现人们很容易在年就解决了这个问题,但在C中却一无所获 输入文件以Base64编码,并带有换行符。所以我首先做的是删除换行符。我是用tr工具手动完成的,而不是编程完成的OpenSSL C Cryptopals挑战7,c,encryption,openssl,C,Encryption,Openssl,我一直在努力学习OpenSSL C API。我找到了有趣的挑战页面,想尝试一些简单的挑战。我接受了第7次挑战: 在阅读了OpenSSL文档之后,我想做一些编码。我从OpenSSL wiki页面复制粘贴了下面的大部分代码。但不知何故,我无法使这项工作。我试着用谷歌搜索错误,发现人们很容易在年就解决了这个问题,但在C中却一无所获 输入文件以Base64编码,并带有换行符。所以我首先做的是删除换行符。我是用tr工具手动完成的,而不是编程完成的 tr -d '\n' < cipertext >
tr -d '\n' < cipertext > ciphertext.no_newlines
接下来,我复制了这个OpenSSL网页中的大部分内容:
加密和解密函数是文档的精确副本。我只修改了主函数。我还从某个地方复制了readFile函数(经过测试,它工作正常)
我是这样编译的:
gcc -I /opt/openssl/include challenge7.c /opt/openssl/lib/libcrypto.a -lpthread -ldl -o challenge7
但我收到了这个错误:
140095710082880:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:570:
[1] 24550 abort (core dumped) ./challenge7
我在谷歌上搜索了这个错误,发现它可能与OpenSSL版本之间的不兼容有关,即用于加密文件的版本和我计算机上的版本。这真的是原因吗?如果是这样的话,那么这是有史以来最糟糕的库,我无法使用相同的算法用不同版本的库解密文件。我怎么也不相信。我听说OpenSSL很糟糕,但不知怎的,我不相信这就是这个错误的原因
有人能帮我找出我一直在做的错事吗?整个代码如下:
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
char* readFile(char* filename, int* size)
{
char* source = NULL;
FILE *fp = fopen(filename, "r");
if (fp != NULL) {
if (fseek(fp, 0L, SEEK_END) == 0) {
long bufsize = ftell(fp);
if (bufsize == -1) {
fputs("ftell error", stderr);
} else {
source = malloc(sizeof(char) * (bufsize + 1));
if (fseek(fp, 0L, SEEK_SET) != 0) {
fputs("fseek error", stderr);
}
size_t nl = fread(source, sizeof(char), bufsize, fp);
if (ferror(fp) != 0) {
fputs("Error reading file", stderr);
} else {
source[nl] = '\0';
*size = nl;
}
}
}
fclose(fp);
}
return source;
}
void handleErrors(void)
{
ERR_print_errors_fp(stderr);
abort();
}
int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
unsigned char *iv, unsigned char *ciphertext)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the encryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
handleErrors();
ciphertext_len = len;
/*
* Finalise the encryption. Further ciphertext bytes may be written at
* this stage.
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
handleErrors();
ciphertext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
unsigned char *iv, unsigned char *plaintext)
{
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary.
*/
if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
handleErrors();
plaintext_len = len;
/*
* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
handleErrors();
plaintext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
int main (void)
{
unsigned char *key = (unsigned char *)"59454C4C4F57205355424D4152494E45";
unsigned char *iv = NULL;
int decryptedtext_len;
int ciphertext_len;
char* ciphertext = readFile("ciphertext.no_newlines_decoded", &ciphertext_len);
unsigned char decryptedtext[10000];
decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv, decryptedtext);
decryptedtext[decryptedtext_len] = '\0';
printf("Decrypted text is:\n");
printf("%s\n", decryptedtext);
return 0;
}
#包括
#包括
#包括
#包括
char*readFile(char*filename,int*size)
{
char*source=NULL;
FILE*fp=fopen(文件名,“r”);
如果(fp!=NULL){
如果(fseek(fp,0L,SEEK_END)=0){
长bufsize=ftell(fp);
如果(bufsize==-1){
fputs(“ftell错误”,标准);
}否则{
source=malloc(sizeof(char)*(bufsize+1));
如果(fseek(fp,0L,SEEK_SET)!=0){
fputs(“fseek错误”,标准);
}
size_t nl=fread(源,sizeof(char),bufsize,fp);
如果(费罗(fp)!=0){
fputs(“读取文件时出错”,stderr);
}否则{
源[nl]='\0';
*大小=nl;
}
}
}
fclose(fp);
}
返回源;
}
无效句柄错误(无效)
{
错误打印错误fp(stderr);
中止();
}
int encrypt(无符号字符*明文、int明文、无符号字符*密钥、,
无符号字符*iv,无符号字符*密文)
{
EVP_CIPHER_CTX*CTX;
内伦;
整数密文;
/*创建并初始化上下文*/
如果(!(ctx=EVP\u CIPHER\u ctx\u new())
handleErrors();
/*
*初始化加密操作。重要信息-确保使用密钥
*和适合您密码的IV大小
*在本例中,我们使用256位AES(即256位密钥)
**大多数*模式的IV大小与块大小相同。对于AES
*是128位
*/
如果(1!=EVP_EncryptInit_ex(ctx,EVP_aes_256_cbc(),NULL,key,iv))
handleErrors();
/*
*提供要加密的消息,并获取加密输出。
*如有必要,可多次调用EVP_EncryptUpdate
*/
如果(1!=EVP_EncryptUpdate(ctx、密文和len、明文、明文))
handleErrors();
密文_len=len;
/*
*完成加密。进一步的密文字节可写入
*这个阶段。
*/
如果(1!=EVP_EncryptFinal_ex(ctx、密文+len和len))
handleErrors();
密文_len+=len;
/*清理*/
无密码(CTX)的执行副总裁;
返回密文;
}
整数解密(无符号字符*密文,整数密文,无符号字符*密钥,
无符号字符*iv,无符号字符*纯文本)
{
EVP_CIPHER_CTX*CTX;
内伦;
int纯文本;
/*创建并初始化上下文*/
如果(!(ctx=EVP\u CIPHER\u ctx\u new())
handleErrors();
/*
*初始化解密操作。重要信息-确保使用密钥
*和适合您密码的IV大小
*在本例中,我们使用256位AES(即256位密钥)
**大多数*模式的IV大小与块大小相同。对于AES
*是128位
*/
if(1!=EVP_DecryptInit_ex(ctx,EVP_aes_256_cbc(),NULL,key,iv))
handleErrors();
/*
*提供要解密的消息,并获得明文输出。
*如有必要,可以多次调用EVP_DecryptUpdate。
*/
if(1!=EVP_DecryptUpdate(ctx、明文和len、密文、密文_len))
handleErrors();
明文_len=len;
/*
*完成解密。可在以下位置写入更多明文字节:
*这个阶段。
*/
如果(1!=执行副总裁(ctx、明文+len和len))
handleErrors();
明文_len+=len;
/*清理*/
无密码(CTX)的执行副总裁;
返回纯文本;
}
内部主(空)
{
无符号字符*键=(无符号字符*)“59454C4F572535424D4152494E45”;
无符号字符*iv=NULL;
int-decryptedtext_len;
整数密文;
char*ciphertext=readFile(“ciphertext.no\u newlines\u decoded”、&ciphertext\u len);
未签名字符解密文本[10000];
解密文本=解密(密文,密文,密钥,iv,解密文本);
decryptedtext[decryptedtext_len]='\0';
printf(“解密文本为:\n”);
printf(“%s\n”,解密文本);
返回0;
}
可能的原因是您使用的是AES-CBC密码而不是建议的AES-ECB(EVP\u DecryptInit\u ex(ctx,**EVP\u AES\u 256\u CBC()**,NULL,key,iv)
)
实际的错误可能是由于将NULL指针作为IV传递给此CBC密码造成的(我不知道此API在这种情况下实际如何工作,但IV对于CBC加密是必需的)
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>
char* readFile(char* filename, int* size)
{
char* source = NULL;
FILE *fp = fopen(filename, "r");
if (fp != NULL) {
if (fseek(fp, 0L, SEEK_END) == 0) {
long bufsize = ftell(fp);
if (bufsize == -1) {
fputs("ftell error", stderr);
} else {
source = malloc(sizeof(char) * (bufsize + 1));
if (fseek(fp, 0L, SEEK_SET) != 0) {
fputs("fseek error", stderr);
}
size_t nl = fread(source, sizeof(char), bufsize, fp);
if (ferror(fp) != 0) {
fputs("Error reading file", stderr);
} else {
source[nl] = '\0';
*size = nl;
}
}
}
fclose(fp);
}
return source;
}
void handleErrors(void)
{
ERR_print_errors_fp(stderr);
abort();
}
int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
unsigned char *iv, unsigned char *ciphertext)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the encryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
handleErrors();
ciphertext_len = len;
/*
* Finalise the encryption. Further ciphertext bytes may be written at
* this stage.
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
handleErrors();
ciphertext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
unsigned char *iv, unsigned char *plaintext)
{
EVP_CIPHER_CTX *ctx;
int len;
int plaintext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new()))
handleErrors();
/*
* Initialise the decryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits
*/
if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
handleErrors();
/*
* Provide the message to be decrypted, and obtain the plaintext output.
* EVP_DecryptUpdate can be called multiple times if necessary.
*/
if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
handleErrors();
plaintext_len = len;
/*
* Finalise the decryption. Further plaintext bytes may be written at
* this stage.
*/
if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
handleErrors();
plaintext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return plaintext_len;
}
int main (void)
{
unsigned char *key = (unsigned char *)"59454C4C4F57205355424D4152494E45";
unsigned char *iv = NULL;
int decryptedtext_len;
int ciphertext_len;
char* ciphertext = readFile("ciphertext.no_newlines_decoded", &ciphertext_len);
unsigned char decryptedtext[10000];
decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv, decryptedtext);
decryptedtext[decryptedtext_len] = '\0';
printf("Decrypted text is:\n");
printf("%s\n", decryptedtext);
return 0;
}