C 解密(AES)和解码(Base64)后获取错误的纯文本
我编写了一个小测试程序,它接受一个纯文本字符串,使用AES对其进行加密,并将其编码到Base64中。这一部分看起来不错,但当我试图解码和解密数据时,我得到了错误的信息 我的代码如下。我对C语言很陌生,所以我认为我在某个地方错误地使用了指针或引用,这是一个新手的错误。我试图在C 解密(AES)和解码(Base64)后获取错误的纯文本,c,encryption,base64,C,Encryption,Base64,我编写了一个小测试程序,它接受一个纯文本字符串,使用AES对其进行加密,并将其编码到Base64中。这一部分看起来不错,但当我试图解码和解密数据时,我得到了错误的信息 我的代码如下。我对C语言很陌生,所以我认为我在某个地方错误地使用了指针或引用,这是一个新手的错误。我试图在EVP\u decryptofinal\u ex函数中找到问题所在,但似乎找不到bug。注意!请忽略iv和键的使用,这只是测试代码 代码: #define _GNU_SOURCE #include <stdio.h>
EVP\u decryptofinal\u exiv键的使用,这只是测试代码
代码:
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <math.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
// BASE 64 ENCODING
char* base64Encode(const unsigned char *message, const size_t length) {
BIO *bio;
BIO *b64;
FILE* stream;
int encodedSize = 4*ceil((double)length/3);
char *buffer = (char*)malloc(encodedSize+1);
stream = fmemopen(buffer, encodedSize+1, "w");
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stream, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
BIO_write(bio, message, length);
(void)BIO_flush(bio);
BIO_free_all(bio);
fclose(stream);
return buffer;
}
// BASE 64 DECODING
int calcDecodeLength(const char *b64input) {
int len = strlen(b64input);
int padding = 0;
// Check for trailing '=''s as padding
if (b64input[len-1] == '=' && b64input[len-2] == '=') {
padding = 2;
} else if (b64input[len-1] == '=') {
padding = 1;
}
return (int)len*0.75 - padding;
}
int base64Decode(const char *b64message, unsigned char **buffer) {
BIO *bio;
BIO *b64;
int decodeLen = calcDecodeLength(b64message);
*buffer = (unsigned char*)malloc(decodeLen+1);
FILE* stream = fmemopen((char*)b64message, strlen(b64message), "r");
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stream, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
size_t length = BIO_read(bio, *buffer, strlen(b64message));
(*buffer)[length] = '\0';
BIO_free_all(bio);
fclose(stream);
return decodeLen;
}
// AES ENCRYPTION
int encryptAes(const char *plainText, char *cipherText, const char *key) {
unsigned char iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
int plainTextLength = 0;
int cipherTextLength = 0;
int blockLength = 0;
static const int MAX_PADDING_LENGTH = 16;
EVP_CIPHER_CTX encryptCtx;
EVP_CIPHER_CTX_init(&encryptCtx);
plainTextLength = strlen(plainText);
cipherText = (unsigned char *) malloc(plainTextLength + MAX_PADDING_LENGTH);
// Initialise the encryption with AES256 (CBC mode) using the key and IV
EVP_EncryptInit_ex(&encryptCtx, EVP_aes_256_cbc(), NULL, key, iv);
// Encrypt the plainText into the cipherText, update cipherTextLength with the length of the generated cipherText
if (!EVP_EncryptUpdate(&encryptCtx, cipherText, &blockLength, (unsigned char *) plainText, plainTextLength) ) {
printf("Error in EVP_EncryptUpdate \n");
return 1;
}
cipherTextLength += blockLength;
// Encrypt the "final" data remaining in a partial block
if (!EVP_EncryptFinal_ex(&encryptCtx, cipherText + cipherTextLength, &blockLength)) {
printf("Error in EVP_EncryptFinal_ex \n");
return 1;
}
cipherTextLength += blockLength;
EVP_CIPHER_CTX_cleanup(&encryptCtx);
return cipherTextLength;
}
// AES DECRYPTION
int decryptAes(const char *cipherText, char *decipheredPlainText, int cipherTextLength, const char *key) {
unsigned char iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
int plainTextLength = 0;
int blockLength = 0;
decipheredPlainText = (unsigned char *) malloc(cipherTextLength + 1);
EVP_CIPHER_CTX decryptCtx;
EVP_CIPHER_CTX_init(&decryptCtx);
// Initialise the decryption with AES256 (CBC mode) using the key and IV
EVP_DecryptInit_ex(&decryptCtx, EVP_aes_256_cbc(), NULL, key, iv);
// Decrypt the cipherText into the plainText, update plainTextLength
if (!EVP_DecryptUpdate(&decryptCtx, decipheredPlainText, &blockLength, cipherText, cipherTextLength)) {
printf("Error in EVP_DecryptUpdate\n");
return 1;
}
plainTextLength += blockLength;
// Decrypt the "final" data remaining in a partial block
if (!EVP_DecryptFinal_ex(&decryptCtx, decipheredPlainText + plainTextLength, &blockLength)) {
printf("Error in EVP_DecryptFinal_ex\n");
return 1;
}
plainTextLength += blockLength;
EVP_CIPHER_CTX_cleanup(&decryptCtx);
return plainTextLength;
}
int main(int argc, char **argv) {
unsigned char key[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
const char *plainText = "cipher cipher cipher cipher CIPHER TEXT! 187? 1$5 78@2 14 .TӒ��틪�ձ1z.$�?�U���<y";
printf("Original Plain Text\t[%s]\n", plainText);
//////////////
// ENCRYPTION
//////////////
// Encrypt the plain text using AES
unsigned char cipherText[180];
int cipherTextLength = encryptAes(plainText, cipherText, key);
printf("Cipher Length\t\t[%d]\n", cipherTextLength);
// Base64 encode the buffer
char* encodedCipherText = base64Encode(cipherText, cipherTextLength);
printf("Base64 is\t\t[%s]\n", encodedCipherText);
//////////////
// DECRYPTION
//////////////
// Decode the Base64 string
unsigned char* decodedCipherText;
int decodedCipherTextLength = base64Decode(encodedCipherText, &decodedCipherText);
printf("Decoded Cipher Length\t[%d]\n", decodedCipherTextLength);
// Decrypt the cipher text
unsigned char decryptedPlainText[180];
int decryptedPlainTextLength = decryptAes(decodedCipherText, decryptedPlainText, decodedCipherTextLength, key);
printf("Decrypted Plain Text\t[%s]\n", decryptedPlainText);
// Compare before and after
if (strcmp(plainText, (char *) decryptedPlainText) == 0) {
printf("Decrypted data matches input data.\n");
} else {
printf("Decrypted data does not match input data.\n");
}
return 0;
}
gcc AesTest2.c -lcrypto -std=c99 -lm
Original Plain Text [cipher cipher cipher cipher CIPHER TEXT! 187? 1$5 78@2 14 .TӒ��틪�ձ1z.$�?�U���<y]
Cipher Length [112]
Base64 is [AQAAAAAAAACIEYLbPgAAAOh04wX/fwAAdgAAAAAAAAAJAAAAAAAAAP504wX/fwAAAAAAAAAAAADgFILbPgAAABB14wX/fwAAlwWp2z4AAAAodeMF/38AAAAAAAABAAAA2LGg2z4AAABxB0AAAAAAAA==]
Decoded Cipher Length [112]
Error in EVP_DecryptFinal_ex
Decrypted Plain Text [�t��]
Decrypted data does not match input data.
输出:
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <math.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/pem.h>
// BASE 64 ENCODING
char* base64Encode(const unsigned char *message, const size_t length) {
BIO *bio;
BIO *b64;
FILE* stream;
int encodedSize = 4*ceil((double)length/3);
char *buffer = (char*)malloc(encodedSize+1);
stream = fmemopen(buffer, encodedSize+1, "w");
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stream, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
BIO_write(bio, message, length);
(void)BIO_flush(bio);
BIO_free_all(bio);
fclose(stream);
return buffer;
}
// BASE 64 DECODING
int calcDecodeLength(const char *b64input) {
int len = strlen(b64input);
int padding = 0;
// Check for trailing '=''s as padding
if (b64input[len-1] == '=' && b64input[len-2] == '=') {
padding = 2;
} else if (b64input[len-1] == '=') {
padding = 1;
}
return (int)len*0.75 - padding;
}
int base64Decode(const char *b64message, unsigned char **buffer) {
BIO *bio;
BIO *b64;
int decodeLen = calcDecodeLength(b64message);
*buffer = (unsigned char*)malloc(decodeLen+1);
FILE* stream = fmemopen((char*)b64message, strlen(b64message), "r");
b64 = BIO_new(BIO_f_base64());
bio = BIO_new_fp(stream, BIO_NOCLOSE);
bio = BIO_push(b64, bio);
BIO_set_flags(bio, BIO_FLAGS_BASE64_NO_NL);
size_t length = BIO_read(bio, *buffer, strlen(b64message));
(*buffer)[length] = '\0';
BIO_free_all(bio);
fclose(stream);
return decodeLen;
}
// AES ENCRYPTION
int encryptAes(const char *plainText, char *cipherText, const char *key) {
unsigned char iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
int plainTextLength = 0;
int cipherTextLength = 0;
int blockLength = 0;
static const int MAX_PADDING_LENGTH = 16;
EVP_CIPHER_CTX encryptCtx;
EVP_CIPHER_CTX_init(&encryptCtx);
plainTextLength = strlen(plainText);
cipherText = (unsigned char *) malloc(plainTextLength + MAX_PADDING_LENGTH);
// Initialise the encryption with AES256 (CBC mode) using the key and IV
EVP_EncryptInit_ex(&encryptCtx, EVP_aes_256_cbc(), NULL, key, iv);
// Encrypt the plainText into the cipherText, update cipherTextLength with the length of the generated cipherText
if (!EVP_EncryptUpdate(&encryptCtx, cipherText, &blockLength, (unsigned char *) plainText, plainTextLength) ) {
printf("Error in EVP_EncryptUpdate \n");
return 1;
}
cipherTextLength += blockLength;
// Encrypt the "final" data remaining in a partial block
if (!EVP_EncryptFinal_ex(&encryptCtx, cipherText + cipherTextLength, &blockLength)) {
printf("Error in EVP_EncryptFinal_ex \n");
return 1;
}
cipherTextLength += blockLength;
EVP_CIPHER_CTX_cleanup(&encryptCtx);
return cipherTextLength;
}
// AES DECRYPTION
int decryptAes(const char *cipherText, char *decipheredPlainText, int cipherTextLength, const char *key) {
unsigned char iv[] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
int plainTextLength = 0;
int blockLength = 0;
decipheredPlainText = (unsigned char *) malloc(cipherTextLength + 1);
EVP_CIPHER_CTX decryptCtx;
EVP_CIPHER_CTX_init(&decryptCtx);
// Initialise the decryption with AES256 (CBC mode) using the key and IV
EVP_DecryptInit_ex(&decryptCtx, EVP_aes_256_cbc(), NULL, key, iv);
// Decrypt the cipherText into the plainText, update plainTextLength
if (!EVP_DecryptUpdate(&decryptCtx, decipheredPlainText, &blockLength, cipherText, cipherTextLength)) {
printf("Error in EVP_DecryptUpdate\n");
return 1;
}
plainTextLength += blockLength;
// Decrypt the "final" data remaining in a partial block
if (!EVP_DecryptFinal_ex(&decryptCtx, decipheredPlainText + plainTextLength, &blockLength)) {
printf("Error in EVP_DecryptFinal_ex\n");
return 1;
}
plainTextLength += blockLength;
EVP_CIPHER_CTX_cleanup(&decryptCtx);
return plainTextLength;
}
int main(int argc, char **argv) {
unsigned char key[] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c };
const char *plainText = "cipher cipher cipher cipher CIPHER TEXT! 187? 1$5 78@2 14 .TӒ��틪�ձ1z.$�?�U���<y";
printf("Original Plain Text\t[%s]\n", plainText);
//////////////
// ENCRYPTION
//////////////
// Encrypt the plain text using AES
unsigned char cipherText[180];
int cipherTextLength = encryptAes(plainText, cipherText, key);
printf("Cipher Length\t\t[%d]\n", cipherTextLength);
// Base64 encode the buffer
char* encodedCipherText = base64Encode(cipherText, cipherTextLength);
printf("Base64 is\t\t[%s]\n", encodedCipherText);
//////////////
// DECRYPTION
//////////////
// Decode the Base64 string
unsigned char* decodedCipherText;
int decodedCipherTextLength = base64Decode(encodedCipherText, &decodedCipherText);
printf("Decoded Cipher Length\t[%d]\n", decodedCipherTextLength);
// Decrypt the cipher text
unsigned char decryptedPlainText[180];
int decryptedPlainTextLength = decryptAes(decodedCipherText, decryptedPlainText, decodedCipherTextLength, key);
printf("Decrypted Plain Text\t[%s]\n", decryptedPlainText);
// Compare before and after
if (strcmp(plainText, (char *) decryptedPlainText) == 0) {
printf("Decrypted data matches input data.\n");
} else {
printf("Decrypted data does not match input data.\n");
}
return 0;
}
gcc AesTest2.c -lcrypto -std=c99 -lm
Original Plain Text [cipher cipher cipher cipher CIPHER TEXT! 187? 1$5 78@2 14 .TӒ��틪�ձ1z.$�?�U���<y]
Cipher Length [112]
Base64 is [AQAAAAAAAACIEYLbPgAAAOh04wX/fwAAdgAAAAAAAAAJAAAAAAAAAP504wX/fwAAAAAAAAAAAADgFILbPgAAABB14wX/fwAAlwWp2z4AAAAodeMF/38AAAAAAAABAAAA2LGg2z4AAABxB0AAAAAAAA==]
Decoded Cipher Length [112]
Error in EVP_DecryptFinal_ex
Decrypted Plain Text [�t��]
Decrypted data does not match input data.
原始纯文本[密码文本!187?1$578@214.TӒ��틪�ձ1z$�?�U��� 在main()
中声明缓冲区,并将对它们的引用向下传递给en/decrypt函数
在这些en/decrypt函数中,您通过malloc()
返回的结果覆盖从main()
接收到的缓冲区地址。然后计算的数据写入新分配的内存。从这两个en/decrypt函数返回时,对后者的引用丢失,导致内存泄漏
由于所有这些原因,main()
中的缓冲区根本没有被触及
通过在调用en/decrypt函数之前将它们设置为所有0
,并在从en/decrypt函数返回后将它们打印出来,您可以很容易地证明这一点。更深入地了解这一点:这不是DecrypedPlainText=(unsigned char*)malloc(cipherTextLength)吗;
allocate1
byte more,或者这个字符数组不被视为C-“字符串”是的,你是对的。最后一个字节是用来保存空终止字符的。我将更新上面的代码。谢谢。为什么你要在en/decryption函数中分配内存,并传递一个指向有效内存的指针,该内存被地址malloc()覆盖
返回。这不起作用。正如我所说,我对这个C语言很陌生,这看起来像是我尝试过的一些旧代码的遗物。删除它会在解密的纯文本中给我更多垃圾字符。
输出。我想说,对于第一个测试,只需注释掉对malloc()的两个调用
,同时确保传递的缓冲区足够大。谢谢。Valgrind是解密工作完成后的下一步。我已经注释掉了这些行,并检查了缓冲区。我现在对解密纯文本的输出是[�nت��� ߗ��.M���xr��� “a�>)�) 碼'&B��ʡ��pQ��;���}���-2d��9�gXT'o��g-�Ys�"(]