Fatal编程技术网
  • c/
  • C openssl aes evp多次解密,无法获得预期结果;

C openssl aes evp多次解密,无法获得预期结果;

c openssl

C openssl aes evp多次解密,无法获得预期结果;,c,openssl,aes,C,Openssl,Aes,添加“第二次初始化” 输出信息 #include <stdio.h> #include <stdlib.h> #include <unistd.h> #include <string.h> #include <stdint.h> #include <openssl/ssl.h> #include <openssl/evp.h> #include <openssl/err.h> #include &l

添加“第二次初始化” 输出信息

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <stdint.h>

#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/aes.h>

int en_evp_init(uint8_t* password, int len, EVP_CIPHER_CTX** pp_ctx)
{
    int ret               = 0;
    unsigned char key[32] = {0};
    unsigned char iv[16]  = {0};
    const EVP_CIPHER* cip = NULL;

    if(*pp_ctx != NULL)
        EVP_CIPHER_CTX_free(*pp_ctx);

    *pp_ctx = EVP_CIPHER_CTX_new();
    if(*pp_ctx == NULL)
        return -1;

    EVP_CIPHER_CTX_init(*pp_ctx);

    cip = EVP_get_cipherbyname("aes-256-cbc");
    if(cip == NULL)
    {
        printf("EVP_get_cipherbyname aes-256-cfb\n");
        return -1;
    }   
    EVP_BytesToKey(cip, EVP_md5(), NULL, password, len, 1, key, iv);

    EVP_CIPHER_CTX_set_padding(*pp_ctx, 0);

    ret = EVP_CipherInit_ex(*pp_ctx, cip, NULL, key, iv, 1);
    if(ret != 1)
    {
        printf("EVP_CipherInit_ex failed!\n");
        return -1;
    }   
    return 0;
}

int de_evp_init(uint8_t* password, int len, EVP_CIPHER_CTX** pp_ctx)
{
    int ret               = 0;
    unsigned char key[32] = {0};
    unsigned char iv[16]  = {0};
    const EVP_CIPHER* cip = NULL;

    if(*pp_ctx != NULL)
        EVP_CIPHER_CTX_free(*pp_ctx);

    *pp_ctx = EVP_CIPHER_CTX_new();
    if(*pp_ctx == NULL)
        return -1;

    EVP_CIPHER_CTX_init(*pp_ctx);

    cip = EVP_get_cipherbyname("aes-256-cbc");
    if(cip == NULL)
    {
        printf("EVP_get_cipherbyname aes-256-cbc failed!\n");
        return -1;
    }   
    EVP_BytesToKey(cip, EVP_md5(), NULL, password, len, 1, key, iv);

    EVP_CIPHER_CTX_set_padding(*pp_ctx, 0);

    ret = EVP_CipherInit_ex(*pp_ctx, cip, NULL, key, iv, 0);
    if(ret != 1)
    {
        printf("EVP_CipherInit_ex de_evp_init failed!\n");
        return -1;
    }   
    return 0;
}

int evp_crypto(uint8_t* in, int in_len, uint8_t* out, int* out_len, EVP_CIPHER_CTX* p_ctx)
{
    int ret = 0;
    int en_len = 0;

    ret = EVP_CipherUpdate(p_ctx, out, out_len, in, in_len);
    if(ret != 1)
        return -1;

    en_len = *out_len;

    EVP_CipherFinal_ex(p_ctx, out + en_len, out_len);

    en_len += *out_len;

    *out_len = en_len;

    return 0;
}

int main(void)
{
    SSL_load_error_strings();
    OpenSSL_add_ssl_algorithms();
    SSLeay_add_ssl_algorithms();
    SSL_library_init();

    EVP_CIPHER_CTX* p_en_ctx = NULL;
    EVP_CIPHER_CTX* p_de_ctx = NULL;

    uint8_t pass[256] = {0};
    uint8_t buffer[256 + 256] = {0};
    int buffer_len = 0;

    uint8_t en_buffer[256 + 256] = {0};
    int en_buffer_len = 0;

    uint8_t de_buffer[256 + 256] = {0};
    int de_buffer_len = 0;


    uint8_t en_copy_buffer[256 + 256] = {0};
    int en_copy_buffer_len = 0;

    //set password
    memset(pass, '1', sizeof(pass));

    //set ori buffer(plainttext)
    memset(buffer, '1', 250);
    buffer_len = 250;

    if(-1 == en_evp_init(pass, sizeof(pass), &p_en_ctx))
    {
        printf("en_evp_init en ctx failed!\n");
        return -1;
    }

    if(-1 == evp_crypto(buffer, buffer_len, en_buffer, &en_buffer_len, p_en_ctx))
    {
        printf("evp_crypto encrypt failed!\n");
        return -1;
    }

    memcpy(en_copy_buffer, en_buffer, en_buffer_len);
    en_copy_buffer_len = en_buffer_len;

    printf("evp_crypto p_en_ctx success buffer len :%d en len: %d\n", buffer_len, en_buffer_len);

    if(-1 == de_evp_init(pass, sizeof(pass), &p_de_ctx))
    {
        printf("de_evp_init de ctx failed!\n");
        return -1;
    }

    if(-1 == evp_crypto(en_buffer, en_buffer_len, de_buffer, &de_buffer_len, p_de_ctx))
    {
        printf("evp_crypto encrypt failed!\n");
        return -1;
    }

    printf("de_buffer : %s  de_buffer_len:%d\n", de_buffer, de_buffer_len);

#if 0
//second init
    if(-1 == de_evp_init(pass, sizeof(pass), &p_de_ctx))
    {
        printf("de_evp_init de ctx failed!\n");
        return -1;
    }
#endif

    memset(de_buffer, 0, sizeof(de_buffer));
    de_buffer_len = 0;
    if(-1 == evp_crypto(en_copy_buffer, en_copy_buffer_len, de_buffer, &de_buffer_len, p_de_ctx))
    {
        printf("evp_crypto encrypt failed!\n");
        return -1;
    }

    printf("de_buffer : %s  de_buffer_len:%d\n", de_buffer, de_buffer_len);


    return 0;
}

evp_crypto p_en_ctx success buffer len :250 en len: 256
de_buffer : 1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111  de_buffer_len:250
de_buffer : 1111111111-ArFԥK111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111  de_buffer_len:266
openssl版本 OpenSSL 1.0.2g 2016年3月1日

生成文件 gcc-Wall-g-L/usr/lib/x86_64-linux-gnu/evp.c-lssl-lcrypto

  • 为什么设置“EVP_CIPHER_CTX_set_padding(*pp_CTX,0);”无效
  • 为什么会出现第二次解密错误
  • 为什么重新初始化dectx可以正确解密,它需要在每次解密之前初始化
    • 你好,阿冈,如果你能看看并确保你能解释你想做什么,那就太好了。代码示例很好,但是输入/输出呢?你想实现什么(在高层次上)?em,我使用openssl的evp模式(使用AES对称加密),初始化加密和解密的evp_CIPHER_CTX结构一次,当一段数据加密然后多次解密时,无法获得预期的结果。为什么 
    evp_crypto p_en_ctx success buffer len :250 en len: 256
de_buffer : 1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111  de_buffer_len:250
de_buffer : 1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111  de_buffer_len:250