OpenSSL EVP_CIPHER_CTX_set_padding无法正常工作 [英] OpenSSL EVP_CIPHER_CTX_set_padding not working

问题描述

我正在尝试使用EVP接口使用AES，CBC和PKCS#7填充进行加密/解密.我正在使用在Wiki上找到的示例.

I am trying to encrypt/decrypt using AES, CBC and PKCS#7 padding using the EVP interface. I am using the example found on the Wiki.

在创建和初始化上下文后，我正在执行EVP_CIPHER_CTX_set_padding(ctx, 0)，如果明文不是16字节的倍数，则不应添加填充并失败.尽管如此，密文始终包含一个仅由填充组成的额外块.

I am doing EVP_CIPHER_CTX_set_padding(ctx, 0) after creating and initializing the context which should not add padding and fail if the plaintext is not a multiple of 16 bytes. Despite this the ciphertext always contains an extra block made up of padding only.

我正在使用的代码是从教程中直接复制并粘贴的，我只在加密和解密中都添加了EVP_CIPHER_CTX_set_padding(ctx, 0)，就像这样:

The code I am using is literally copied and pasted from the tutorial, I am only adding EVP_CIPHER_CTX_set_padding(ctx, 0) in both encrypt and decrypt like so:

/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
EVP_CIPHER_CTX_set_padding(ctx, 0);

我做错什么了吗?

推荐答案

显然，EVP_DecryptInit_ex和EVP_EncryptInit_ex都重新初始化了上下文，因此在使用完这些方法之后，应执行任何上下文更改(例如设置填充).叫.

Apparently both EVP_DecryptInit_ex and EVP_EncryptInit_ex re-initialize the context so any context changes (such as setting the padding) should be performed after those methods have been called.

这篇关于OpenSSL EVP_CIPHER_CTX_set_padding无法正常工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！