使用身份验证TAG的openssl aes gcm加密；命令行 [英] openssl aes gcm encryption with authentication TAG; command line

问题描述

我正在尝试使用"openssl" th/命令行以AES-GCM模式加密文件

I'm trying to encrypt a file in AES-GCM mode with 'openssl' th/ command line

openssl enc -aes-256-gcm -p -iv 000000000000000000000000 -K 00000000000000000000000000000000000000000000000000000000000000 -nosalt -in file.raw -out file.enc`

加密有效，但是我找不到一种方法来检索生成的GCM标签. 有办法吗?

Encryption works but I could not find a way to retrieve a resulting GCM tag. Is there a way to get it?

在本文档中(链接)，我发现请注意现在甚至可以使用CCM或GCM之类的身份验证模式"，但仍然没有任何信息来做到这一点.

In this document (link) I found "Note that it is now even possible to use authenticated mode like CCM or GCM" but still there is none info how to do that.

或者是否有其他标准的macos工具可以完成相同的工作?

Or if there any other standard macos tool which could do the same job?

PS:通过通用的分布式命令行工具实现这一点很有趣，这不是编写自己的实用程序的问题

PS: I'm interesting in doing that through the means of commonly distributed command line tools, that's not a question about writing own utility

推荐答案

注意:正如下面的dave_thompson_085用户指出的那样，其余答案中的结果与当前版本的OpenSSL无关.我不小心使用了LibreSSL openssl.阅读 enc工具的OpenSSL文档的当前版本，其中包含以下句子

Note: as user dave_thompson_085 pointed out below, the results in the remainder of the answer are not relevant for current versions of OpenSSL. I was accidentally using LibreSSL openssl. Reading a current version of the OpenSSL documentation for the enc tool, it contains the following sentence

enc程序不支持经过身份验证的加密模式，例如 CCM和GCM.该实用程序不存储或检索身份验证 标签.

The enc program does not support authenticated encryption modes like CCM and GCM. The utility does not store or retrieve the authentication tag.

我想这会回答您的问题-取决于您使用的OpenSSL版本.

This answers your question, I suppose -- depending on which version of OpenSSL you are using.

原始答案，可通过macOS随附的LibreSSL openssl获得:

Original answer, obtained with LibreSSL openssl which comes with macOS:

使用openssl enc应用程序时，GCM标记未存储在输出文件中.您可以从以下单行代码中看到这一点:

The GCM tag is not stored in the output file when using the openssl enc app. You can see that from the following one-liner:

$ echo -n 'abcdefghijklmnop' | openssl enc -aes-256-gcm -K 0 -iv 0  | hexdump -C
00000000  af c5 23 59 28 06 0c 06  6e 24 ae bf d7 9d f2 68  |..#Y(...n$.....h|
00000010

输出的大小与输入的大小完全相同，任何地方都没有标记字节.

The size of the output is exactly the same as the size of the input, no tag bytes anywhere.

您还可以通过检查实现 enc来查看它. c .它不执行任何EVP_CIPHER_CTX_ctrl()调用来处理GCM标记，如 OpenSSL Wiki中所述EVP身份验证加密和解密页面上.换句话说，他标记数据会丢失.

You can also see it by inspecting the implementation enc.c. It does not do any EVP_CIPHER_CTX_ctrl() call to deal with the GCM tag, as explained in the OpenSSL Wiki page on EVP Authenticated Encryption and Decryption. In other words, he tag data is lost.

使用aes-256-gcm解密时，工具本身也会忽略标签的缺失.消息bad decrypt发送到stderr，但似乎来自与应用程序不同的层，该应用程序愉快地打印了结果:

On decryption with aes-256-gcm, the tool itself ignores the absence of the tag as well. A message bad decrypt is emitted to stderr but that seems to come from a different layer than the application, which happily prints the result:

$ echo -n 'abcdefghijklmnop' | openssl enc -aes-256-gcm -K 0 -iv 0  | openssl enc -aes-256-gcm -K 0 -iv 0 -d
bad decrypt
abcdefghijklmnop

这篇关于使用身份验证TAG的openssl aes gcm加密；命令行的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！