了解发动机初始化OpenSSL中 [英] Understanding engine initialization in OpenSSL
问题描述
我试图建立HMAC-SHA-256散列的基本测试,但我在与发动机的安装问题。理想情况下,我想成立仅HMAC-SHA算法,但到目前为止我还没有得到一般情况下的负载所有的算法工作。目前,我得到该行的段错误,我尝试设置默认摘要。
此外,我经常一个Java的家伙,所以不要犹豫,指出在code任何错误。
的#include<的OpenSSL / hmac.h>
#包括LT&;的OpenSSL / evp.h>
#包括LT&;&stdio.h中GT;
#包括LT&;&string.h中GT;
#包括LT&;&stdlib.h中GT;诠释主(){
无符号字符*键=(无符号字符*)0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
无符号字符*数据=(无符号字符*)4869205468657265;
无符号字符*预期=(无符号字符*)b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7
无符号字符*的结果;
HMAC_CTX * CTX;
ENGINE * E; ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE_set_default_digests(E); HMAC_CTX_init(CTX);
HMAC_Init_ex(CTX,钥匙,40,EVP_sha256(),E);
结果= HMAC(NULL,NULL,40,数据,16,NULL,NULL);
HMAC_CTX_cleanup(CTX); ENGINE_finish(E);
ENGINE_free(E); 如果(STRCMP((字符*)结果,(字符*)预期)== 0){
的printf(测试OK \\ n);
}其他{
的printf(GOT%S代替%S \\ n,因此,预期);
}
}
编辑:该项目现在已经进化到了下面,但我仍然在 HMAC_Init_ex 段错误:
无符号字符*键=(无符号字符*)0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b
无符号字符*数据=(无符号字符*)4869205468657265;
无符号字符*预期=(无符号字符*)b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7
无符号字符*的结果;
unsigned int类型result_len = 64;
HMAC_CTX CTX;
ENGINE * E;结果=(无符号字符*)malloc的(的sizeof(char)的* result_len);
E =(发动机*)ENGINE_new();ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE_set_default_digests(E);HMAC_CTX_init(安培; CTX);
HMAC_Init_ex(安培; CTX,钥匙,16,EVP_sha256(),E);
HMAC_Update(安培;环磷酰胺,数据,40);
HMAC_Final(安培; CTX,因此,&安培; result_len);
HMAC_CTX_cleanup(安培; CTX);ENGINE_finish(E);
ENGINE_free(E);
与你原来建议的问题是,马丁说,那你需要初始化发动机。与你的编辑code的问题是,你在做ENGINE_new,它是让你自己一个全新的引擎,然后需要用密码方法提供,消化方法,等等。其实,你想要的东西(几乎每个人都想要的东西),只是完全忽略所有的发动机东西是正确的选择。
若干问题的子公司:
- 您的字符串是十六进制,但你需要每个字符\\点¯x在字符串在那个位置,我怀疑是你想要什么真正得到十六进制字节。
- 您正试图从数据,这是不是很久哈希40个字节(实际效果:你最终部分哈希您的结果字符串)
- 您预期的结果是(据我可以告诉)不正确
- 您将打印出随机字符到终端,因为HMAC功能会产生32个字节的随机二进制数据,而不是打印的东西。
以下code编译,工程和通过测试。这是对例如$ C $有点不同的C您发现(因为它仍然采用单独的HMAC_ *功能 - 如果你想使用HMAC_Update位做你的散列位有用):
的#include<的OpenSSL / engine.h>
#包括LT&;的OpenSSL / hmac.h>
#包括LT&;的OpenSSL / evp.h>
#包括LT&;&stdio.h中GT;
#包括LT&;&string.h中GT;
#包括LT&;&stdlib.h中GT;
INT主要(无效)
{
无符号字符*键=(无符号字符*)\\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B \\ X0B;
无符号字符*数据=(无符号字符*)\\ X48 \\ X69 \\ X20 \\ X54 \\ X68 \\ X65 \\ X72 \\ X65
无符号字符*预期=(无符号字符*) \"\\x49\\x2c\\xe0\\x20\\xfe\\x25\\x34\\xa5\\x78\\x9d\\xc3\\x84\\x88\\x06\\xc7\\x8f\\x4f\\x67\\x11\\x39\\x7f\\x08\\xe7\\xe7\\xa1\\x2c\\xa5\\xa4\\x48\\x3c\\x8a\\xa6\";
无符号字符*的结果;
unsigned int类型result_len = 32;
INT I;
HMAC_CTX CTX; 结果=(无符号字符*)malloc的(的sizeof(char)的* result_len); ENGINE_load_builtin_engines();
ENGINE_register_all_complete(); HMAC_CTX_init(安培; CTX);
HMAC_Init_ex(安培;环磷酰胺,键,16,EVP_sha256(),NULL);
HMAC_Update(安培;环磷酰胺,数据,8);
HMAC_Final(安培; CTX,因此,&安培; result_len);
HMAC_CTX_cleanup(安培; CTX); 对于(i = 0;!I = result_len;我++)
{
如果(预期[I]!=结果[I])
{
的printf(!得到%02X代替%02X的字节%d个\\ N,造成[I],预计[I],I);
打破;
}
}
如果(我== result_len)
{
的printf(测试OK \\ N!);
}
返回0;
}
当然,它不会回答有关如何初始化引擎原来的问题,但真的没有正确答案,如果没有有更多的情况下,这方面证明不是在您的情况相关的...
I'm trying to set up a basic test of HMAC-SHA-256 hashing but I'm having problems with the engine setup. Ideally I would like to set up only the HMAC-SHA-algorithm but so far I haven't even gotten the general case where load all the algorithms to work. Currently I'm getting segfaults on the row where I try to set the default digests.
Also, I'm regularly a Java guy, so don't hesitate to point out any mistakes in the code.
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int main() {
unsigned char* key = (unsigned char*) "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b";
unsigned char* data = (unsigned char*) "4869205468657265";
unsigned char* expected = (unsigned char*) "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7";
unsigned char* result;
HMAC_CTX* ctx;
ENGINE* e;
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE_set_default_digests(e);
HMAC_CTX_init(ctx);
HMAC_Init_ex(ctx, key, 40, EVP_sha256(), e);
result = HMAC(NULL, NULL, 40, data, 16, NULL, NULL);
HMAC_CTX_cleanup(ctx);
ENGINE_finish(e);
ENGINE_free(e);
if (strcmp((char*) result, (char*) expected) == 0) {
printf("Test ok\n");
} else {
printf("Got %s instead of %s\n", result, expected);
}
}
EDIT: The program has now evolved to the following, but I'm still segfaulting at HMAC_Init_ex:
unsigned char* key = (unsigned char*) "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b";
unsigned char* data = (unsigned char*) "4869205468657265";
unsigned char* expected = (unsigned char*) "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7";
unsigned char* result;
unsigned int result_len = 64;
HMAC_CTX ctx;
ENGINE* e;
result = (unsigned char*) malloc(sizeof(char) * result_len);
e = (ENGINE*) ENGINE_new();
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE_set_default_digests(e);
HMAC_CTX_init(&ctx);
HMAC_Init_ex(&ctx, key, 16, EVP_sha256(), e);
HMAC_Update(&ctx, data, 40);
HMAC_Final(&ctx, result, &result_len);
HMAC_CTX_cleanup(&ctx);
ENGINE_finish(e);
ENGINE_free(e);
The problem with your original suggestion is, as Martin said, that you need to initialise the ENGINE. The problem with your edited code was that you were doing ENGINE_new, which is getting you a completely new ENGINE of your own, which you then need to provide with cipher methods, digest methods, etc. In fact, for what you want (and what almost everybody wants), just completely ignoring all of the ENGINE stuff is the right choice.
Some subsidiary problems:
- your strings were hex, but you needed a \x per character to actually get that hex byte at that position in the string, which I suspect was what you wanted.
- you were trying to hash 40 bytes from "data", which wasn't that long (actual effect: you'd end up partly hashing your result string)
- your expected result was (as far as I can tell) incorrect
- you would print out random characters to the terminal, since the HMAC function will produce 32 bytes of random binary data, not printable stuff.
The following code compiles, works and passes the test. It's a bit different to the example code you found (since it still uses the individual HMAC_* functions - useful if you want to do your hashing bit by bit using HMAC_Update):
#include <openssl/engine.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
int main(void)
{
unsigned char* key = (unsigned char*) "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b";
unsigned char* data = (unsigned char*) "\x48\x69\x20\x54\x68\x65\x72\x65";
unsigned char* expected = (unsigned char*) "\x49\x2c\xe0\x20\xfe\x25\x34\xa5\x78\x9d\xc3\x84\x88\x06\xc7\x8f\x4f\x67\x11\x39\x7f\x08\xe7\xe7\xa1\x2c\xa5\xa4\x48\x3c\x8a\xa6";
unsigned char* result;
unsigned int result_len = 32;
int i;
HMAC_CTX ctx;
result = (unsigned char*) malloc(sizeof(char) * result_len);
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
HMAC_CTX_init(&ctx);
HMAC_Init_ex(&ctx, key, 16, EVP_sha256(), NULL);
HMAC_Update(&ctx, data, 8);
HMAC_Final(&ctx, result, &result_len);
HMAC_CTX_cleanup(&ctx);
for (i=0; i!=result_len; i++)
{
if (expected[i]!=result[i])
{
printf("Got %02X instead of %02X at byte %d!\n", result[i], expected[i], i);
break;
}
}
if (i==result_len)
{
printf("Test ok!\n");
}
return 0;
}
Of course, it doesn't answer your original question about how to initialise ENGINEs, but there's really no right answer to that without having more context, which context turns out not to be relevant in your situation...
这篇关于了解发动机初始化OpenSSL中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
