OpenSSL AES_cfb128_encrypt C ++ [英] OpenSSL AES_cfb128_encrypt C++

问题描述

我试图实现一个非常简单的加密/解密示例。我需要它为一个项目，我想加密一些用户信息。我不能加密整个数据库，但只能加密表中的一些字段。

I tried to implement a "very" simple encryption/decryption example. I need it for a project where I would like to encrypt some user information. I can't encrypt the whole database but only some fields in a table.

除了加密之外，数据库和大部分项目的工作原理：
这是一个简化的版本：

The database and most of the rest of the project works, except the encryption: Here is a simplified version of it:

#include <openssl/aes.h>
#include <openssl/evp.h>
#include <iostream>
#include <string.h>

using namespace std;

int main()
{
    /* ckey and ivec are the two 128-bits keys necessary to
       en- and recrypt your data.  Note that ckey can be
       192 or 256 bits as well
     */

    unsigned char ckey[] =  "helloworldkey";
    unsigned char ivec[] = "goodbyworldkey";

    int bytes_read;
    unsigned char indata[AES_BLOCK_SIZE];
    unsigned char outdata[AES_BLOCK_SIZE];
    unsigned char decryptdata[AES_BLOCK_SIZE];

    /* data structure that contains the key itself */
    AES_KEY keyEn;

    /* set the encryption key */
    AES_set_encrypt_key(ckey, 128, &keyEn);

    /* set where on the 128 bit encrypted block to begin encryption*/
    int num = 0;

    strcpy( (char*)indata , "Hello World" );
    bytes_read = sizeof(indata);

    AES_cfb128_encrypt(indata, outdata, bytes_read, &keyEn, ivec, &num, AES_ENCRYPT);
    cout << "original data:\t" << indata << endl;
    cout << "encrypted data:\t" << outdata << endl;

    AES_cfb128_encrypt(outdata, decryptdata, bytes_read, &keyEn, ivec, &num, AES_DECRYPT);
    cout << "input data was:\t" << decryptdata << endl;
    return 0;
}

但是解密数据的输出是一些随机字符，相同的每次执行代码后。 outdata 每次执行更改...

But the output of "decrypted" data are some random characters, but they are the same after every execution of the code. outdata changes with every execution...

我试图调试和搜索解决方案，找到我的问题的任何解决方案。

现在我的问题，这里出了什么问题？

I tried to debug and search for a solution, but I couldn't find any solution for my problem.
Now my question, what is going wrong here? Or do I completely misunderstand the provided functions?

推荐答案

问题是 AES_cfb128_encrypt 修改 ivec （它必须为了允许链接）。您的解决方案是创建 ivec 的副本，并在每次调用 AES_cfb128_encrypt 之前初始化它，如下所示：

The problem is that AES_cfb128_encrypt modifies the ivec (it has to in order to allow for chaining). Your solution is to create a copy of the ivec and initialize it before each call to AES_cfb128_encrypt as follows:

const char ivecstr[AES_BLOCK_SIZE] = "goodbyworldkey\0";
unsigned char ivec[AES_BLOCK_SIZE];
memcpy( ivec , ivecstr, AES_BLOCK_SIZE);

然后在第二次通话前重复 memcpy 到 AES_cfb128_encrypt 。

Then repeat the memcpy before your second call to AES_cfb128_encrypt.

注意1：您的初始向量是一个字节太短，因此我添加一个显式的 \0 在它的结尾。

Note 1: Your initial vector was a byte too short, so I put an explicit additional \0 at the end of it. You should make sure all of your strings are of the correct length when copying or passing them.

注意2：任何使用加密的代码都应该 避免使用 strcpy 或任何其他未经检查的长度副本。这是一种危险。

Note 2: Any code which uses encryption should REALLY avoid using strcpy or any other copy of unchecked length. It's a hazard.

这篇关于OpenSSL AES_cfb128_encrypt C ++的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！