使用openssl C进行AES (aes-cbc-128、aes-cbc-192、aes-cbc-256)加密/解密
使用openssl C进行AES (aes-cbc-128、aes-cbc-192、aes-cbc-256)加密/解密
提问于 2013-08-10 02:04:00
我只想测试这3种模式的openSSL的AES : 128,192和256密钥长度,但我的解密文本是不同于我的输入,我不知道为什么。此外,当我传递一个很大的输入长度(假设是1024字节)时,我的程序显示core dumped...我的输入总是一样的,但这并不重要,至少现在如此。代码如下:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
int main(int argc, char **argv)
{
int i;
int keylength;
printf("Give a key length [only 128 or 192 or 256!]:\n");
scanf("%d", &keylength);
/* generate a key with a given length */
unsigned char aes_key[keylength];
memset(aes_key, 0, sizeof(aes_key));
if (!RAND_bytes(aes_key, keylength))
{
exit(-1);
}
aes_key[keylength-1] = '\0';
int inputslength;
printf("Give an input's length:\n");
scanf("%d", &inputslength);
/* generate input with a given length */
unsigned char aes_input[inputslength+1];
memset(aes_input, '0', sizeof(aes_input));
aes_input[inputslength] = '\0';
/*printf("original:\t");
for(i=0; i<inputslength; i++)
{
printf("%c ", aes_input[i]);
}
printf("\n");*/
/* init vector */
unsigned char iv[AES_BLOCK_SIZE];
if (!RAND_bytes(iv, AES_BLOCK_SIZE))
{
exit(-1);
}
//printf("AES_BLOCK_SIZE = %d\n", AES_BLOCK_SIZE); // aes block size is 16 bytes = 128 bits
AES_KEY enc_key, dec_key;
unsigned char enc_out[AES_BLOCK_SIZE];
unsigned char dec_out[AES_BLOCK_SIZE];
// so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256
AES_set_encrypt_key(aes_key, keylength, &enc_key);
AES_cbc_encrypt(aes_input, enc_out, inputslength, &enc_key, iv, AES_ENCRYPT);
AES_set_decrypt_key(aes_key, keylength, &dec_key);
AES_decrypt(enc_out, dec_out, &dec_key);
printf("original:\t");
for(i=0;*(aes_input+i)!=0x00;i++)
printf("%X ",*(aes_input+i));
printf("\nencrypted:\t");
for(i=0;*(enc_out+i)!=0x00;i++)
printf("%X ",*(enc_out+i));
printf("\ndecrypted:\t");
for(i=0;*(dec_out+i)!=0x00;i++)
printf("%X ",*(dec_out+i));
printf("\n");
/*printf("\n\noriginal:\t");
for(i=0; i<inputslength; i++)
{
printf("%x ", dec_out[i]);
}
printf("\n");*/
return 0;
}编辑:
当我将输出大小改为inputslength而不是AES_BLOCK_SIZE时,我得到了结果:
Give a key length [only 128 or 192 or 256!]:
128
Give an input's length:
5
original: 30 30 30 30 30
encrypted: 94 56 50 7E 19 B2 1C CE 20 23 4A E7 10 AF DB E3 30 30 30 30 30
decrypted: E1 5F F4 3D E8 8D 91 19 CD 3E 22 1E AF 1C 8F 5A 94 56 50 7E 19 B2 1C CE 20 23 4A E7 10 AF DB E3 30 30 30 30 30那么有没有可能是输出的大小和iv的大小有问题呢?它们应该有什么大小(对于AES-CBC-128、AES-CBC-192、AES-CBC-256)?
回答 2
Stack Overflow用户
回答已采纳
发布于 2013-08-10 11:04:53
看一下这个修改过的代码版本。请注意以下事项:
- 添加了hex_print (Minor)
- 添加了适当大小的密钥缓冲区和适当大小的输出加密缓冲区(必须是块大小的倍数,并且如果原始源缓冲区是精确的块大小的倍数,则仍然需要一个完整的填充块(有关详细信息,请参阅PKCS 5填充)。用于加密和decrypt.
- Finally,的
- Same IV可能看起来很奇怪,但
AES_cbc_encrypt()同时用于加密和解密(请参阅调用中的最后一个参数)。
源代码
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
// a simple hex-print routine. could be modified to print 16 bytes-per-line
static void hex_print(const void* pv, size_t len)
{
const unsigned char * p = (const unsigned char*)pv;
if (NULL == pv)
printf("NULL");
else
{
size_t i = 0;
for (; i<len;++i)
printf("%02X ", *p++);
}
printf("\n");
}
// main entrypoint
int main(int argc, char **argv)
{
int keylength;
printf("Give a key length [only 128 or 192 or 256!]:\n");
scanf("%d", &keylength);
/* generate a key with a given length */
unsigned char aes_key[keylength/8];
memset(aes_key, 0, keylength/8);
if (!RAND_bytes(aes_key, keylength/8))
exit(-1);
size_t inputslength = 0;
printf("Give an input's length:\n");
scanf("%lu", &inputslength);
/* generate input with a given length */
unsigned char aes_input[inputslength];
memset(aes_input, 'X', inputslength);
/* init vector */
unsigned char iv_enc[AES_BLOCK_SIZE], iv_dec[AES_BLOCK_SIZE];
RAND_bytes(iv_enc, AES_BLOCK_SIZE);
memcpy(iv_dec, iv_enc, AES_BLOCK_SIZE);
// buffers for encryption and decryption
const size_t encslength = ((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
unsigned char enc_out[encslength];
unsigned char dec_out[inputslength];
memset(enc_out, 0, sizeof(enc_out));
memset(dec_out, 0, sizeof(dec_out));
// so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256
AES_KEY enc_key, dec_key;
AES_set_encrypt_key(aes_key, keylength, &enc_key);
AES_cbc_encrypt(aes_input, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT);
AES_set_decrypt_key(aes_key, keylength, &dec_key);
AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT);
printf("original:\t");
hex_print(aes_input, sizeof(aes_input));
printf("encrypt:\t");
hex_print(enc_out, sizeof(enc_out));
printf("decrypt:\t");
hex_print(dec_out, sizeof(dec_out));
return 0;
}测试输出
Give a key length [only 128 or 192 or 256!]:
128
Give an input's length:
10
original: 58 58 58 58 58 58 58 58 58 58
encrypt: A9 66 C5 24 A4 02 AB 96 08 65 F7 22 A5 FB BE 26
decrypt: 58 58 58 58 58 58 58 58 58 58 第二个测试输出
Give a key length [only 128 or 192 or 256!]:
128
Give an input's length:
10
original: 58 58 58 58 58 58 58 58 58 58
encrypt: C2 47 6D B1 A1 68 29 53 55 74 C5 CC 3F 27 0A 3F
decrypt: 58 58 58 58 58 58 58 58 58 58 我真心希望这对你有所帮助。
Stack Overflow用户
发布于 2013-08-11 02:49:03
@WhozCraig:非常感谢你的帮助!它向我解释了很多!但还有一个问题。我把静态数组改成了动态数组。当我这样做的时候,出现了一些错误。但只有当我给出一个巨大的输入大小时,它们才会发生,看看valgrind输出:http://pastie.org/private/bzofrrtgrlzr0doyb3g。只有当我传递一个巨大的输入时才会发生错误,当我传递一个小的输入(如你的例子中的10)时,就没问题了。其他一切都运行得很完美。
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
// a simple hex-print routine. could be modified to print 16 bytes-per-line
static void hex_print(const void* pv, size_t len)
{
const unsigned char * p = (const unsigned char*)pv;
if (NULL == pv)
printf("NULL");
else
{
size_t i = 0;
for (; i<len;++i)
printf("%02X ", *p++);
}
printf("\n");
}
// main entrypoint
int main(int argc, char **argv)
{
size_t inputslength = 0;
printf("Give an input's length:\n");
scanf("%lu", &inputslength);
int keylength;
printf("Give a key length [only 128 or 192 or 256!]:\n");
scanf("%d", &keylength);
// generate a key with a given length
unsigned char *aes_key = (unsigned char*)malloc(sizeof(unsigned char) * (keylength/8));
memset(aes_key, 0, keylength/8);
RAND_bytes(aes_key, keylength/8);
// generate input with a given length
unsigned char *aes_input = (unsigned char*)malloc(sizeof(unsigned char) * (inputslength));
memset(aes_input, 'X', sizeof(aes_input));
// init vectors
unsigned char *iv_enc = (unsigned char*)malloc(sizeof(unsigned char) * (AES_BLOCK_SIZE));
unsigned char *iv_dec = (unsigned char*)malloc(sizeof(unsigned char) * (AES_BLOCK_SIZE));
// iv_dec == iv_enc
RAND_bytes(iv_enc, AES_BLOCK_SIZE);
memcpy(iv_dec, iv_enc, AES_BLOCK_SIZE);
// buffers for encryption and decryption
const size_t length = (((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE);
unsigned char *enc_out = (unsigned char*)malloc(sizeof(unsigned char) * (length));
unsigned char *dec_out = (unsigned char*)malloc(sizeof(unsigned char) * (inputslength));
// so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256
AES_KEY encKey, decKey;
AES_set_encrypt_key(aes_key, keylength, &encKey);
AES_cbc_encrypt(aes_input, enc_out, inputslength, &encKey, iv_enc, AES_ENCRYPT);
AES_set_decrypt_key(aes_key, keylength, &decKey);
AES_cbc_encrypt(enc_out, dec_out, length, &decKey, iv_dec, AES_DECRYPT);
printf("original:\t");
hex_print(aes_input, sizeof(aes_input));
printf("encrypt:\t");
hex_print(enc_out, sizeof(enc_out));
printf("decrypt:\t");
hex_print(dec_out, sizeof(dec_out));
free(aes_key);
aes_key = NULL;
free(aes_input);
aes_input = NULL;
free(iv_enc);
iv_enc = NULL;
free(iv_dec);
iv_dec = NULL;
free(enc_out);
enc_out = NULL;
free(dec_out);
dec_out = NULL;
return 0;
}编辑:
好了,我之前发布的代码出了点问题,这里有一个新的,工作得很好,即使是很大的输入。再次为帮助我干杯!:)
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/rand.h>
// a simple hex-print routine. could be modified to print 16 bytes-per-line
static void hex_print(const void* pv, size_t len)
{
const unsigned char * p = (const unsigned char*)pv;
if (NULL == pv)
printf("NULL");
else
{
size_t i = 0;
for (; i<len;++i)
printf("%02X ", *p++);
}
printf("\n");
}
// main entrypoint
int main(int argc, char **argv)
{
int keylength;
printf("Give a key length [only 128 or 192 or 256!]:\n");
scanf("%d", &keylength);
/* generate a key with a given length */
unsigned char *aes_key = (unsigned char*)malloc(sizeof(unsigned char) * (keylength/8));
memset(aes_key, 0, keylength/8);
if (!RAND_bytes(aes_key, keylength/8))
exit(-1);
size_t inputslength = 0;
printf("Give an input's length:\n");
scanf("%lu", &inputslength);
/* generate input with a given length */
unsigned char *aes_input = (unsigned char*)malloc(sizeof(unsigned char) *inputslength);
memset(aes_input, 'X', inputslength);
/* init vector */
unsigned char *iv_enc = (unsigned char*)malloc(sizeof(unsigned char) *AES_BLOCK_SIZE), *iv_dec = (unsigned char*)malloc(sizeof(unsigned char) *AES_BLOCK_SIZE);
RAND_bytes(iv_enc, AES_BLOCK_SIZE);
memcpy(iv_dec, iv_enc, AES_BLOCK_SIZE);
// buffers for encryption and decryption
const size_t encslength = ((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
unsigned char *enc_out = (unsigned char*)malloc(sizeof(unsigned char) *encslength);
unsigned char *dec_out = (unsigned char*)malloc(sizeof(unsigned char) *inputslength);
memset(enc_out, 0, sizeof(enc_out));
memset(dec_out, 0, sizeof(dec_out));
// so i can do with this aes-cbc-128 aes-cbc-192 aes-cbc-256
AES_KEY enc_key, dec_key;
AES_set_encrypt_key(aes_key, keylength, &enc_key);
AES_cbc_encrypt(aes_input, enc_out, inputslength, &enc_key, iv_enc, AES_ENCRYPT);
AES_set_decrypt_key(aes_key, keylength, &dec_key);
AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT);
printf("original:\t");
hex_print(aes_input, inputslength);
printf("encrypt:\t");
hex_print(enc_out, encslength);
printf("decrypt:\t");
hex_print(dec_out, inputslength);
// free memory here
return 0;
}页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/18152913
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号