在OpenSSL中为AES_ecb_encrypt设置填充 [英] Set padding in OpenSSL for AES_ecb_encrypt
问题描述
我正在使用OpenSSL解密一些java加密的文本。阅读此帖我写了以下代码。
unsigned int i = 0;
printf(Out array - Before\);
for(i = 0; i if(i%32 == 0)
printf(\\\
);
printf(%02X,out [i]);
}
printf(\\\
');
AES_set_decrypt_key((const unsigned char *)a.at(3).c_str(),128,& aesKey_);
for(i = 0; i std :: cout< Decrypting at<< i<< of<< sizeof(bytes)<< \\\
;
AES_ecb_encrypt(bytes + i,out + i,& aesKey_,AES_DECRYPT);
}
std :: cout<< HEX:<< a.at(2).c_str() \\\
<< 解密:<字节<< \\\
<< With Key:< a.at(3).c_str()<< \\\
<< 成为:< out<< \\\
;
printf(Out array - AFTER\\\
);
for(i = 0; i if(i%32 == 0)
printf(\\\
);
printf(%02X,out [i]);
}
printf(\\\
);
似乎是解密数据,但 PKCS5-padding
得到解密和一些额外的垃圾(我假设这是由于
PKCS5填充
)。
Out array - BEFORE 00000000000000000000000000000000000000000000000000000000000000
解密在0时18
解密在16的18
HEX:B00FE0383F2E3CBB95A5A28FA91923FA00
解密: 8?。< #
使用键:我是密钥
成为:nopasswordHQ EZ - =%。7 n
Out array - AFTER 6E6F2070617373776F72644851030303C7457F5ACCF12DAA053D252E3708846E
上面的代码是从我的代码没有密码HQ
( 6E6F2070617373776F72644851
)是预期的输出,但您可以看到填充解码 030303
那么如何在OpenSSL中设置填充?
我希望有一个 AES_set_padding
(或类似的)函数,但我显然在文档中缺少它。 p>
请尝试使用 EVP_ * 。对于那些功能PKCS#7填充是标准的。请注意,PKCS#5正式填充只有 8字节数据块密码。
一些搜索后,我发现 evp.h
应该包含:
code> const EVP_CIPHER * EVP_aes_128_ecb(void);您应该能够使用的
int EVP_EncryptInit(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * type,
unsigned char * key,unsigned char * iv);
有关EVP功能的其他信息建议自动使用正确的填充。 IV当然被忽略ECB模式,所以任何指针应该做。
I'm decrypting some java encrypted text with OpenSSL. Reading this post I wrote the following code.
unsigned int i = 0;
printf("Out array - Before\n");
for(i = 0; i < sizeof(out); i++) {
if(i % 32 == 0)
printf("\n");
printf("%02X", out[i]);
}
printf("\n");
AES_set_decrypt_key((const unsigned char *)a.at(3).c_str(), 128, &aesKey_);
for(i = 0; i < sizeof(bytes); i += AES_BLOCK_SIZE) {
std::cout << "Decrypting at " << i << " of " << sizeof(bytes) << "\n";
AES_ecb_encrypt(bytes + i, out + i, &aesKey_, AES_DECRYPT);
}
std::cout << "HEX : " << a.at(2).c_str() << "\n"
<< "Decrypting : " << bytes << "\n"
<< "With Key : " << a.at(3).c_str() << "\n"
<< "Becomes : " << out << "\n";
printf("Out array - AFTER\n");
for(i = 0; i < sizeof(out); i++) {
if(i % 32 == 0)
printf("\n");
printf("%02X", out[i]);
}
printf("\n");
It appears to decrypt the data fine, though the PKCS5-padding
gets decrypted along and some extra garbage (I'm assuming this is due to the PKCS5-padding
).
Out array - BEFORE 0000000000000000000000000000000000000000000000000000000000000000
Decrypting at 0 of 18
Decrypting at 16 of 18
HEX : B00FE0383F2E3CBB95A5A28FA91923FA00
Decrypting : ��8?.<������#�
With Key : I'm a secret key
Becomes : no passwordHQ�EZ��-�=%.7�n
Out array - AFTER 6E6F2070617373776F72644851030303C7457F5ACCF12DAA053D252E3708846E
The above is output from my code, no passwordHQ
(6E6F2070617373776F72644851
) is the expected output, but you can see the padding is decoded 030303
followed by the garbage C7457F5ACCF12DAA053D252E3708846E
.
So how do I set the padding in OpenSSL?
I expected there to be an AES_set_padding
(or similar) function, but I'm obviously missing it in the documentation.
Please try and use the higher level function defined in EVP_*. For those functions PKCS#7 padding is standard. Note that PKCS#5 padding officially is only for 8 byte block ciphers.
After some searching I found that evp.h
should contain:
const EVP_CIPHER *EVP_aes_128_ecb(void);
which you should be able to use with
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
additional information about EVP functions does suggest that it shoud automatically use the correct padding. The IV is of course ignored for ECB mode, so any pointer should do.
这篇关于在OpenSSL中为AES_ecb_encrypt设置填充的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!