openssl对任何大小的键都是开放的 [英] openssl is acting open to any size key
问题描述
openssl如何使用键,因为它采取任何大小的键(1字节到任何大小)。
how does openssl works with key as it is taking any size of key (1 byte to any size). What is the procedure to go to actual key here ..
openssl enc -d -des-ecb -in cipher.txt -out text.out -K '530343412312345445123345677812345678812324'
推荐答案
openssl如何工作与键...什么是程序...
how does openssl works with key ... What is the procedure...
这取决于程序,但程序通常在库中是一致的。在你的例子中,你使用 openssl dec
,所以你使用 dec
子程序。源代码位于< openssl dir> /apps/enc.c
( enc
和 dec
是 enc.c
的一部分。
It depends on the program, but procedures are usually consistent across the library. In you example, you are using the openssl dec
, so you are using the dec
sub-program. The source code is available in <openssl dir>/apps/enc.c
(enc
and dec
are part of enc.c
).
:
unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
unsigned char salt[PKCS5_SALT_LEN];
...
char *hkey=NULL,*hiv=NULL,*hsalt = NULL;
-K
的参数存储在 hkey
:
else if (strcmp(*argv,"-K") == 0)
{
if (--argc < 1) goto bad;
hkey= *(++argv);
}
然后,绕580行:
if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
{
/* Handle failure */
}
set_hex
如下所示,并且十六进制解码通过 -K
传递的参数。它通过 memset
返回用0填充未使用的长度。未使用的长度为 EVP_MAX_KEY_LENGTH
减去长度 -K
参数(十六进制解码后)。
set_hex
is shown below and hex decodes the argument passed in through -K
. It back fills the unused length with 0's via the memset
. The unused length is EVP_MAX_KEY_LENGTH
minus the length -K
argument (after hex decoding).
最后,在第610行:
if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
{
/* Handle failure */
}
注意: -k
(小 k
)使用不同的代码路径并使用 EVP_BytesToKey
来导出密钥。
Note: -k
(small k
) takes a different code path and uses EVP_BytesToKey
to derive the key.
int set_hex(char *in, unsigned char *out, int size)
{
int i,n;
unsigned char j;
n=strlen(in);
if (n > (size*2))
{
BIO_printf(bio_err,"hex string is too long\n");
return(0);
}
memset(out,0,size);
for (i=0; i<n; i++)
{
j=(unsigned char)*in;
*(in++)='\0';
if (j == 0) break;
if ((j >= '0') && (j <= '9'))
j-='0';
else if ((j >= 'A') && (j <= 'F'))
j=j-'A'+10;
else if ((j >= 'a') && (j <= 'f'))
j=j-'a'+10;
else
{
BIO_printf(bio_err,"non-hex digit\n");
return(0);
}
if (i&1)
out[i/2]|=j;
else
out[i/2]=(j<<4);
}
return(1);
}
这篇关于openssl对任何大小的键都是开放的的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!