Fatal编程技术网
  • encryption/
  • Encryption 使用ApplePay的OpenSSL上的额外字节和EVP_decryptofinal_ex错误

Encryption 使用ApplePay的OpenSSL上的额外字节和EVP_decryptofinal_ex错误

encryption openssl

Encryption 使用ApplePay的OpenSSL上的额外字节和EVP_decryptofinal_ex错误,encryption,openssl,applepay,Encryption,Openssl,Applepay,我正在尝试用OpenSSL解密ApplePay返回的PaymentToken。解密工作正常,但我发现明文中追加了额外的16字节,并且在EVP_DecryptFinal_ex期间出现错误。我的第一个想法是需要关闭填充,但这似乎不是问题所在。感谢您的帮助 苹果的文档说: 使用对称密钥使用AES–256(id-aes256-GCM 2.16.840.1.101.3.4.1.46)对数据密钥的值进行解密,初始化向量为16个空字节,并且没有相关的身份验证数据 Apple提供的java示例使用BouncyC

我正在尝试用OpenSSL解密ApplePay返回的PaymentToken。解密工作正常,但我发现明文中追加了额外的16字节,并且在EVP_DecryptFinal_ex期间出现错误。我的第一个想法是需要关闭填充,但这似乎不是问题所在。感谢您的帮助

苹果的文档说:

使用对称密钥使用AES–256(id-aes256-GCM 2.16.840.1.101.3.4.1.46)对数据密钥的值进行解密,初始化向量为16个空字节,并且没有相关的身份验证数据

Apple提供的java示例使用BouncyCastle并使用“AES/GCM/NoPadding”初始化密码

我的代码如下所示:

static const unsigned char gcm_iv[] = {
    0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00
};

/* Create the context */
EVP_CIPHER_CTX *decrypt_ctx;

decrypt_ctx = EVP_CIPHER_CTX_new();

/* Select cipher */
EVP_DecryptInit_ex(decrypt_ctx, EVP_aes_256_gcm(), NULL, NULL, NULL);

/* Set IV length */
EVP_CIPHER_CTX_ctrl(decrypt_ctx, EVP_CTRL_GCM_SET_IVLEN, sizeof(gcm_iv), NULL);

/* Specify key and IV */
EVP_DecryptInit_ex(decrypt_ctx, NULL, NULL, (const unsigned char *)gcm_key, gcm_iv);

/* Turn off padding */
EVP_CIPHER_CTX_set_padding(decrypt_ctx, 0);


unsigned char outbuf[4096];
int outlen = sizeof(outbuf);
int rv;
int plaintext_len;

/* Decrypt plaintext */
rv = EVP_DecryptUpdate(decrypt_ctx, outbuf, &outlen, (const unsigned char *)data, data_length);

if(!rv)
{
    printf("\nOpenSSL Error after DecryptUpdate: %s\n", ERR_error_string(ERR_get_error(), NULL));
    err = 1;
}

/* Output decrypted block */
printf("\nPlaintext after DecryptUpdate (%d bytes):\n\n", outlen);

/* Remember plaintext length */
plaintext_len = outlen;

BIO_dump_fp(stdout, (const char *)outbuf, plaintext_len);

rv = EVP_DecryptFinal_ex(decrypt_ctx, outbuf + outlen, &outlen);

if(!rv)
{
    printf("\nOpenSSL Error after DecryptFinal_ex: %s\n", ERR_error_string(ERR_get_error(), NULL));

    err = 1;
}

/* Output decrypted block */
printf("\nPlaintext after DecryptFinal(%d bytes):\n\n", outlen);

BIO_dump_fp(stdout, (const char *)outbuf, plaintext_len);
输出结果如下所示(为安全起见更改了明文):

在调用
EVP\u DecryptFinal\u ex
之后,我认为恢复的长度是
plaintext\u len
(从调用Update)+
outlen
(从调用Final)。另外,
outlen
在调用Final之前可能应该被减少到
outlen=4096-outlen
Plaintext after DecryptUpdate (319 bytes):

0000 - 7b 22 61 70 70 6c 69 63-61 74 69 6f 6e 50 72 69   {"applicationPri
0010 - 6d 61 72 79 41 63 63 6f-75 6e 74 4e 75 6d 62 65   maryAccountNumbe
0020 - 72 22 3a 22 34 30 38 38-xx xx xx xx xx xx xx xx   r":"4088xxxxxxxx
0030 - 30 30 32 32 22 2c 22 61-70 70 6c 69 63 61 74 69   0022","applicati
0040 - 6f 6e 45 78 70 69 72 61-74 69 6f 6e 44 61 74 65   onExpirationDate
0050 - 22 3a 22 32 30 30 32 32-38 22 2c 22 63 75 72 72   ":"200228","curr
0060 - 65 6e 63 79 43 6f 64 65-22 3a 22 38 34 30 22 2c   encyCode":"840",
0070 - 22 74 72 61 6e 73 61 63-74 69 6f 6e 41 6d 6f 75   "transactionAmou
0080 - 6e 74 22 3a 33 30 30 2c-22 64 65 76 69 63 65 4d   nt":300,"deviceM
0090 - 61 6e 75 66 61 63 74 75-72 65 72 49 64 65 6e 74   anufacturerIdent
00a0 - 69 66 69 65 72 22 3a 22-xx xx xx xx xx xx xx xx   ifier":"xxxxxxxx
00b0 - xx xx xx xx 22 2c 22 70-61 79 6d 65 6e 74 44 61   xxxx","paymentDa
00c0 - 74 61 54 79 70 65 22 3a-22 33 44 53 65 63 75 72   taType":"3DSecur
00d0 - 65 22 2c 22 70 61 79 6d-65 6e 74 44 61 74 61 22   e","paymentData"
00e0 - 3a 7b 22 6f 6e 6c 69 6e-65 50 61 79 6d 65 6e 74   :{"onlinePayment
00f0 - 43 72 79 70 74 6f 67 72-61 6d 22 3a 22 xx xx xx   Cryptogram":"xxx
0100 - xx xx xx xx xx xx xx xx-xx xx xx xx xx xx xx xx   xxxxxxxxxxxxxxxx
0110 - xx xx xx xx xx xx xx xx-xx 22 2c 22 65 63 69 49   xxxxxxxxx","eciI
0120 - 6e 64 69 63 61 74 6f 72-22 3a 22 35 22 7d 7d 0b   ndicator":"5"}}.
0130 - ce 56 54 48 49 1c 73 1a-b3 a4 89 e8 b2 11 f7      .VTHI.s........

OpenSSL Error after DecryptFinal_ex: error:00000000:lib(0):func(0):reason(0)

Plaintext after DecryptFinal(0 bytes):

0000 - 7b 22 61 70 70 6c 69 63-61 74 69 6f 6e 50 72 69   {"applicationPri
0010 - 6d 61 72 79 41 63 63 6f-75 6e 74 4e 75 6d 62 65   maryAccountNumbe
0020 - 72 22 3a 22 34 30 38 38-xx xx xx xx xx xx xx xx   r":"4088xxxxxxxx
0030 - 30 30 32 32 22 2c 22 61-70 70 6c 69 63 61 74 69   0022","applicati
0040 - 6f 6e 45 78 70 69 72 61-74 69 6f 6e 44 61 74 65   onExpirationDate
0050 - 22 3a 22 32 30 30 32 32-38 22 2c 22 63 75 72 72   ":"200228","curr
0060 - 65 6e 63 79 43 6f 64 65-22 3a 22 38 34 30 22 2c   encyCode":"840",
0070 - 22 74 72 61 6e 73 61 63-74 69 6f 6e 41 6d 6f 75   "transactionAmou
0080 - 6e 74 22 3a 33 30 30 2c-22 64 65 76 69 63 65 4d   nt":300,"deviceM
0090 - 61 6e 75 66 61 63 74 75-72 65 72 49 64 65 6e 74   anufacturerIdent
00a0 - 69 66 69 65 72 22 3a 22-xx xx xx xx xx xx xx xx   ifier":"xxxxxxxx
00b0 - xx xx xx xx 22 2c 22 70-61 79 6d 65 6e 74 44 61   xxxx","paymentDa
00c0 - 74 61 54 79 70 65 22 3a-22 33 44 53 65 63 75 72   taType":"3DSecur
00d0 - 65 22 2c 22 70 61 79 6d-65 6e 74 44 61 74 61 22   e","paymentData"
00e0 - 3a 7b 22 6f 6e 6c 69 6e-65 50 61 79 6d 65 6e 74   :{"onlinePayment
00f0 - 43 72 79 70 74 6f 67 72-61 6d 22 3a 22 xx xx xx   Cryptogram":"xxx
0100 - xx xx xx xx xx xx xx xx-xx xx xx xx xx xx xx xx   xxxxxxxxxxxxxxxx
0110 - xx xx xx xx xx xx xx xx-xx 22 2c 22 65 63 69 49   xxxxxxxxx","eciI
0120 - 6e 64 69 63 61 74 6f 72-22 3a 22 35 22 7d 7d 0b   ndicator":"5"}}.
0130 - ce 56 54 48 49 1c 73 1a-b3 a4 89 e8 b2 11 f7      .VTHI.s........