OpenSSL AES_cfb128_encrypt C ++ [英] OpenSSL AES_cfb128_encrypt C++
问题描述
我试图实现一个非常简单的加密/解密示例。我需要它为一个项目,我想加密一些用户信息。我不能加密整个数据库,但只能加密表中的一些字段。
I tried to implement a "very" simple encryption/decryption example. I need it for a project where I would like to encrypt some user information. I can't encrypt the whole database but only some fields in a table.
除了加密之外,数据库和大部分项目的工作原理:
这是一个简化的版本:
The database and most of the rest of the project works, except the encryption: Here is a simplified version of it:
#include <openssl/aes.h>
#include <openssl/evp.h>
#include <iostream>
#include <string.h>
using namespace std;
int main()
{
/* ckey and ivec are the two 128-bits keys necessary to
en- and recrypt your data. Note that ckey can be
192 or 256 bits as well
*/
unsigned char ckey[] = "helloworldkey";
unsigned char ivec[] = "goodbyworldkey";
int bytes_read;
unsigned char indata[AES_BLOCK_SIZE];
unsigned char outdata[AES_BLOCK_SIZE];
unsigned char decryptdata[AES_BLOCK_SIZE];
/* data structure that contains the key itself */
AES_KEY keyEn;
/* set the encryption key */
AES_set_encrypt_key(ckey, 128, &keyEn);
/* set where on the 128 bit encrypted block to begin encryption*/
int num = 0;
strcpy( (char*)indata , "Hello World" );
bytes_read = sizeof(indata);
AES_cfb128_encrypt(indata, outdata, bytes_read, &keyEn, ivec, &num, AES_ENCRYPT);
cout << "original data:\t" << indata << endl;
cout << "encrypted data:\t" << outdata << endl;
AES_cfb128_encrypt(outdata, decryptdata, bytes_read, &keyEn, ivec, &num, AES_DECRYPT);
cout << "input data was:\t" << decryptdata << endl;
return 0;
}
但是解密数据的输出是一些随机字符,相同的每次执行代码后。 outdata
每次执行更改...
But the output of "decrypted" data are some random characters, but they are the same after every execution of the code. outdata
changes with every execution...
我试图调试和搜索解决方案,找到我的问题的任何解决方案。
现在我的问题,这里出了什么问题?
I tried to debug and search for a solution, but I couldn't find any solution for my problem.
Now my question, what is going wrong here? Or do I completely misunderstand the provided functions?
推荐答案
问题是 AES_cfb128_encrypt
修改 ivec
(它必须为了允许链接)。您的解决方案是创建 ivec
的副本,并在每次调用 AES_cfb128_encrypt
之前初始化它,如下所示:
The problem is that AES_cfb128_encrypt
modifies the ivec
(it has to in order to allow for chaining). Your solution is to create a copy of the ivec
and initialize it before each call to AES_cfb128_encrypt
as follows:
const char ivecstr[AES_BLOCK_SIZE] = "goodbyworldkey\0";
unsigned char ivec[AES_BLOCK_SIZE];
memcpy( ivec , ivecstr, AES_BLOCK_SIZE);
然后在第二次通话前重复 memcpy
到 AES_cfb128_encrypt
。
Then repeat the memcpy
before your second call to AES_cfb128_encrypt
.
注意1:您的初始向量是一个字节太短,因此我添加一个显式的 \0
在它的结尾。
Note 1: Your initial vector was a byte too short, so I put an explicit additional \0
at the end of it. You should make sure all of your strings are of the correct length when copying or passing them.
注意2:任何使用加密的代码都应该 避免使用 strcpy
或任何其他未经检查的长度副本。这是一种危险。
Note 2: Any code which uses encryption should REALLY avoid using strcpy
or any other copy of unchecked length. It's a hazard.
这篇关于OpenSSL AES_cfb128_encrypt C ++的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!