在OpenSSL中为AES_ecb_encrypt设置填充 [英] Set padding in OpenSSL for AES_ecb_encrypt
问题描述
我正在使用OpenSSL解密一些java加密的文本。阅读此帖我写了以下代码。
unsigned int i = 0;
printf(Out array - Before\);
for(i = 0; i
printf(\\\
);
printf(%02X,out [i]);
}
printf(\\\
');
AES_set_decrypt_key((const unsigned char *)a.at(3).c_str(),128,& aesKey_);
for(i = 0; i std :: cout< Decrypting at<< i<< of<< sizeof(bytes)<< \\\
;
AES_ecb_encrypt(bytes + i,out + i,& aesKey_,AES_DECRYPT);
}
std :: cout<< HEX:<< a.at(2).c_str() \\\
<< 解密:<字节<< \\\
<< With Key:< a.at(3).c_str()<< \\\
<< 成为:< out<< \\\
;
printf(Out array - AFTER\\\
);
for(i = 0; i
printf(\\\
);
printf(%02X,out [i]);
}
printf(\\\
);
似乎是解密数据,但 PKCS5-padding 得到解密和一些额外的垃圾(我假设这是由于 PKCS5填充)。
Out array - BEFORE 00000000000000000000000000000000000000000000000000000000000000
解密在0时18
解密在16的18
HEX:B00FE0383F2E3CBB95A5A28FA91923FA00
解密: 8?。< #
使用键:我是密钥
成为:nopasswordHQ EZ - =%。7 n
Out array - AFTER 6E6F2070617373776F72644851030303C7457F5ACCF12DAA053D252E3708846E
上面的代码是从我的代码没有密码HQ ( 6E6F2070617373776F72644851 )是预期的输出,但您可以看到填充解码 030303
那么如何在OpenSSL中设置填充?
我希望有一个 AES_set_padding (或类似的)函数,但我显然在文档中缺少它。 p>
请尝试使用 EVP_ * 。对于那些功能PKCS#7填充是标准的。请注意,PKCS#5正式填充只有 8字节数据块密码。
一些搜索后,我发现 evp.h 应该包含:
code> const EVP_CIPHER * EVP_aes_128_ecb(void);您应该能够使用的
int EVP_EncryptInit(EVP_CIPHER_CTX * ctx,const EVP_CIPHER * type,
unsigned char * key,unsigned char * iv);
有关EVP功能的其他信息建议自动使用正确的填充。 IV当然被忽略ECB模式,所以任何指针应该做。
I'm decrypting some java encrypted text with OpenSSL. Reading this post I wrote the following code.
unsigned int i = 0;
printf("Out array - Before\n");
for(i = 0; i < sizeof(out); i++) {
if(i % 32 == 0)
printf("\n");
printf("%02X", out[i]);
}
printf("\n");
AES_set_decrypt_key((const unsigned char *)a.at(3).c_str(), 128, &aesKey_);
for(i = 0; i < sizeof(bytes); i += AES_BLOCK_SIZE) {
std::cout << "Decrypting at " << i << " of " << sizeof(bytes) << "\n";
AES_ecb_encrypt(bytes + i, out + i, &aesKey_, AES_DECRYPT);
}
std::cout << "HEX : " << a.at(2).c_str() << "\n"
<< "Decrypting : " << bytes << "\n"
<< "With Key : " << a.at(3).c_str() << "\n"
<< "Becomes : " << out << "\n";
printf("Out array - AFTER\n");
for(i = 0; i < sizeof(out); i++) {
if(i % 32 == 0)
printf("\n");
printf("%02X", out[i]);
}
printf("\n");
It appears to decrypt the data fine, though the PKCS5-padding gets decrypted along and some extra garbage (I'm assuming this is due to the PKCS5-padding).
Out array - BEFORE 0000000000000000000000000000000000000000000000000000000000000000
Decrypting at 0 of 18
Decrypting at 16 of 18
HEX : B00FE0383F2E3CBB95A5A28FA91923FA00
Decrypting : ��8?.<������#�
With Key : I'm a secret key
Becomes : no passwordHQ�EZ��-�=%.7�n
Out array - AFTER 6E6F2070617373776F72644851030303C7457F5ACCF12DAA053D252E3708846E
The above is output from my code, no passwordHQ (6E6F2070617373776F72644851) is the expected output, but you can see the padding is decoded 030303 followed by the garbage C7457F5ACCF12DAA053D252E3708846E.
So how do I set the padding in OpenSSL?
I expected there to be an AES_set_padding (or similar) function, but I'm obviously missing it in the documentation.
Please try and use the higher level function defined in EVP_*. For those functions PKCS#7 padding is standard. Note that PKCS#5 padding officially is only for 8 byte block ciphers.
After some searching I found that evp.h should contain:
const EVP_CIPHER *EVP_aes_128_ecb(void);
which you should be able to use with
int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type,
unsigned char *key, unsigned char *iv);
additional information about EVP functions does suggest that it shoud automatically use the correct padding. The IV is of course ignored for ECB mode, so any pointer should do.
这篇关于在OpenSSL中为AES_ecb_encrypt设置填充的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
