OpenSSL上的AES CTR 256加密操作模式
我是OpenSSL的新手,谁能给我一个关于如何从C文件初始化AES模式的提示?我知道这是方法的签名,但我在参数上有问题,没有太多的文档,也没有明确的例子如何进行简单的加密。如果有人能举例说明对此方法的调用,我将不胜感激。提前感谢!
void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
const unsigned long length, const AES_KEY *key,
unsigned char ivec[AES_BLOCK_SIZE],
unsigned char ecount_buf[AES_BLOCK_SIZE],
unsigned int *num);嗨,咖啡馆我真的很感谢你的快速回答,它真的很有用,而且是我在网上找到的最好的例子。我正在尝试打开一个长度未知的文件,对其进行加密,并使用生成的密文写入另一个文件,然后打开加密文件并恢复明文。我需要使用一个相当大的MB文件,因为我想对CPU的性能进行基准测试。然而,我在解密时仍然有一个问题。不知何故,当解密一个相当大的txt文件(1504KB)时,它不会完整地解密它,我得到了其中一半是明文,另一半仍然是加密的。我认为这可能与静脉输液器的大小或我呼叫柜台的方式有关。这是我到目前为止所知道的:
#include <openssl/aes.h>
#include <stdio.h>
#include <string.h>
struct ctr_state {
unsigned char ivec[16];
unsigned int num;
unsigned char ecount[16];
};
FILE *fp;
FILE *rp;
FILE *op;
size_t count;
char * buffer;
AES_KEY key;
int bytes_read, bytes_written;
unsigned char indata[AES_BLOCK_SIZE];
unsigned char outdata[AES_BLOCK_SIZE];
unsigned char ckey[] = "thiskeyisverybad"; // It is 128bits though..
unsigned char iv[8] = {0};//This should be generated by RAND_Bytes I will take into consideration your previous post
struct ctr_state state;
int init_ctr(struct ctr_state *state, const unsigned char iv[8]){
state->num = 0;
memset(state->ecount, 0, 16);
memset(state->ivec + 8, 0, 8);
memcpy(state->ivec, iv, 8);
}
void encrypt(){
//Opening files where text plain text is read and ciphertext stored
fp=fopen("input.txt","a+b");
op=fopen("output.txt","w");
if (fp==NULL) {fputs ("File error",stderr); exit (1);}
if (op==NULL) {fputs ("File error",stderr); exit (1);}
//Initializing the encryption KEY
AES_set_encrypt_key(ckey, 128, &key);
//Encrypting Blocks of 16 bytes and writing the output.txt with ciphertext
while (1) {
init_ctr(&state, iv); //Counter call
bytes_read = fread(indata, 1, AES_BLOCK_SIZE, fp);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
bytes_written = fwrite(outdata, 1, bytes_read, op);
if (bytes_read < AES_BLOCK_SIZE)
break;
}
fclose (fp);
fclose (op);
free (buffer);
}
void decrypt(){
//Opening files where text cipher text is read and the plaintext recovered
rp=fopen("recovered.txt","w");
op=fopen("output.txt","a+b");
if (rp==NULL) {fputs ("File error",stderr); exit (1);}
if (op==NULL) {fputs ("File error",stderr); exit (1);}
//Initializing the encryption KEY
AES_set_encrypt_key(ckey, 128, &key);
//Encrypting Blocks of 16 bytes and writing the output.txt with ciphertext
while (1) {
init_ctr(&state, iv);//Counter call
bytes_read = fread(indata, 1, AES_BLOCK_SIZE, op);
AES_ctr128_encrypt(indata, outdata, bytes_read, &key, state.ivec, state.ecount, &state.num);
bytes_written = fwrite(outdata, 1, bytes_read, rp);
if (bytes_read < AES_BLOCK_SIZE)
break;
}
fclose (rp);
fclose (op);
free (buffer);
}
int main(int argc, char *argv[]){
encrypt();
//decrypt();
system("PAUSE");
return 0;
}每个加密和解密函数在不同的运行中被调用,所以所有的东西都是用相同的值初始化的。再次感谢您能提前提供给我的提示&致以问候!
回答 1
Stack Overflow用户
发布于 2010-08-06 00:06:16
看起来您的测试程序的基本问题是fopen调用的模式值不正确。我认为您需要将加密中的fopen调用更改为:
fp=fopen("input.txt","rb");
op=fopen("output.txt","wb");和解密中的那些:
rp=fopen("recovered.txt","wb");
op=fopen("output.txt","rb");另一件值得指出的事情是,ckey可能应该被声明为32字节(256位)的缓冲区。确实,128位加密仅使用来自密钥的16字节数据。但是OpenSSL函数AES_set_encrypt_key (至少在我使用的版本中)从该缓冲区读取32字节。它只使用适当数量的字节,但确实发生了读取。这意味着如果缓冲区只有16个字节,并且恰好在与内存中不可读的页相邻的页的末尾结束,则会导致访问冲突。
哦--我刚刚注意到里面有一个对free的无关调用。free(buffer);调用无效,因为从未分配过缓冲区。我知道你的代码只是一个简单的测试,但是...嗯,我们是程序员,控制不了自己。
https://stackoverflow.com/questions/3141860
复制相似问题