AES |加密OpenSSL,用mcrypt解密 [英] AES | Encrypt with OpenSSL, decrypt with mcrypt
问题描述
我使用以下函数通过Qt中的OpenSSL库加密我的数据:
QByteArray Crypto :: Encrypt QByteArray源,QString密码)
{
EVP_CIPHER_CTX en;
unsigned char * key_data;
int key_data_len;
QByteArray ba = password.toLatin1();
key_data =(unsigned char *)ba.data();
key_data_len = strlen((char *)key_data);
int nrounds = 28;
unsigned char key [32],iv [32];
EVP_BytesToKey(EVP_aes_256_cbc(),EVP_sha1(),NULL,key_data,key_data_len,nrounds,key,iv);
QByteArray bkey = reinterpret_cast< const char *>(key)//编辑:以后包含键
QByteArray biv = reinterpret_cast< const char *>(iv)//编辑:以后是空的
EVP_CIPHER_CTX_init(& en);
EVP_EncryptInit_ex(& en,EVP_aes_256_cbc(),NULL,key,iv);
char * input = source.data();
char * out;
int len = source.size();
int c_len = len + 16,f_len = 0;
unsigned char * ciphertext =(unsigned char *)malloc(c_len);
EVP_EncryptInit_ex(& en,NULL,NULL,NULL,NULL);
EVP_EncryptUpdate(& en,ciphertext,& c_len,(unsigned char *)input,len);
EVP_EncryptFinal_ex(& en,ciphertext + c_len,& f_len);
len = c_len + f_len;
out =(char *)ciphertext;
EVP_CIPHER_CTX_cleanup(& en);
return QByteArray(out,len);
}
源在这种情况下12345678901234567890123456789012abc。 所以....如果我有这个权限,那么EVP_BytesToKey()应该从密码中生成一个密钥,并提供数据以便稍后解密该字符串。 对于Base64编码,该键将是:aQkrZD / zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE = 所以在Base64中的QByteArray bkey让我有一个aQkrZD / zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE = 加密文本为CiUqILbZo + WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr 现在我使用以下PHP函数再次使用生成的密钥解密密文: / p> 现在我希望有一个响应,如12345678901234567890123456789012abc。 > 我的字符串似乎以正确的方式解密,但它被剪切一半,仅显示最后19个字符。 我解决了现在通过试验和错误的空初始化向量的问题,虽然我不知道为什么以下是一个问题。 更改行: int nrounds = 28; > 如果我在其中添加了 28 之外的其他数字,则会生成一个IV,并且在mcrypt之后使用它时,密文以正确的方式解密。 我不知道在这个功能中如何处理IV代的过程。 I am using the following function to encrypt my data via the OpenSSL Library in Qt: "source" is in that case "12345678901234567890123456789012abc". So....if I got that right, then EVP_BytesToKey() should generate a key out of the password and supplied data to decrypt the string with later. To Base64-Encoded that key would be: "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE=" So QByteArray bkey in Base64 leaves me with "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE=" The encryptet text is "CiUqILbZo+WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr". Now I am using the following PHP function to decrypt the ciphertext with the generated key again: Now I'd expect a response like "12345678901234567890123456789012abc". My string seems to be decrypted in the right way, but it's cut in half and only the last 19 characters are displayed.
Can someone please help me with that?
I'm new to encryption and can't really figure out where exactly I went wrong. I solved the problem with the empty initialisation vector by trial and error now, though I have no clue why the following was a problem at all.
Maybe someone can explain that to me. Changing the line: int nrounds = 28; did the trick. If i put any other number than 28 in there, an IV is generated and when I use it afterwards in mcrypt the ciphertext is decrypted in the correct way.
Why was it a problem to generate the key with 28 rounds with the openssl-function EVP_BytesToKey()?
I reduced it to 5 rounds now, but I'm curious whether this problem might happen again with a password-rounds-combination that has the possibility to generate such a Null-IV. I don't realy know how the process of the IV generation is handled in this function. 这篇关于AES |加密OpenSSL,用mcrypt解密的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
密码是1hA!dh == sJAh48S8Ak!?skiitFi120xX
我不使用盐,所以没有IV应该是null)。
QByteArray bvi正在给我 Null
<?php
函数decrypt_data($ data,$ iv,$ key){
$ cypher = mcrypt_module_open(MCRYPT_RIJNDAEL_128,'',MCRYPT_MODE_CBC,'');
// if(is_null($ iv)){
// $ ivlen = mcrypt_enc_get_iv_size($ cypher);
// $ iv = substr($ data,0,$ ivlen);
// $ data = substr($ data,$ ivlen);
//}
//初始化加密句柄
if(mcrypt_generic_init($ cypher,$ key,$ iv)!= -1){
// decrypt
$ decryptpted = mdecrypt_generic($ cypher,$ data);
//清理
mcrypt_generic_deinit($ cypher);
mcrypt_module_close($ cypher);
返回$解密;
}
return false;
}
$ ctext =CiUqILbZo + WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr;
$ key =aQkrZD / zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE =;
$ res = decrypt_data(base64_decode($ ctext),null,base64_decode($ key));
echo $ res;
?>
我得到的是7890123456789012abc。
有人可以帮助我吗?
我是新加密的,不能真正弄清楚我在哪里错了。
也许有人可以向我解释一下。
为什么使用openssl功能 EVP_BytesToKey()来生成带有 28 的密钥?
我现在将它减少到 5 轮次,但我很好奇,这个问题是否可能再次发生,可能会产生一个密码轮组合,这样可以产生这样一个Null-IV。 / p>
QByteArray Crypto::Encrypt(QByteArray source, QString password)
{
EVP_CIPHER_CTX en;
unsigned char *key_data;
int key_data_len;
QByteArray ba = password.toLatin1();
key_data = (unsigned char*)ba.data();
key_data_len = strlen((char*)key_data);
int nrounds = 28;
unsigned char key[32], iv[32];
EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), NULL, key_data, key_data_len, nrounds, key, iv);
QByteArray bkey = reinterpret_cast<const char*>(key) //EDIT: Contains the key afterwards
QByteArray biv = reinterpret_cast<const char*>(iv) //EDIT: Is Null afterwards
EVP_CIPHER_CTX_init(&en);
EVP_EncryptInit_ex(&en, EVP_aes_256_cbc(), NULL, key, iv);
char *input = source.data();
char *out;
int len = source.size();
int c_len = len + 16, f_len = 0;
unsigned char *ciphertext = (unsigned char *)malloc(c_len);
EVP_EncryptInit_ex(&en, NULL, NULL, NULL, NULL);
EVP_EncryptUpdate(&en, ciphertext, &c_len, (unsigned char *)input, len);
EVP_EncryptFinal_ex(&en, ciphertext+c_len, &f_len);
len = c_len + f_len;
out = (char*)ciphertext;
EVP_CIPHER_CTX_cleanup(&en);
return QByteArray(out, len);
}
"password" is "1hA!dh==sJAh48S8Ak!?skiitFi120xX".
I don't use a salt, so no IV (should be null).
QByteArray bvi is giving me Null<?php
function decrypt_data($data, $iv, $key) {
$cypher = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
//if(is_null($iv)) {
// $ivlen = mcrypt_enc_get_iv_size($cypher);
// $iv = substr($data, 0, $ivlen);
// $data = substr($data, $ivlen);
//}
// initialize encryption handle
if (mcrypt_generic_init($cypher, $key, $iv) != -1) {
// decrypt
$decrypted = mdecrypt_generic($cypher, $data);
// clean up
mcrypt_generic_deinit($cypher);
mcrypt_module_close($cypher);
return $decrypted;
}
return false;
}
$ctext = "CiUqILbZo+WJBr19IiovRVc1dqGvrastwo0k67TTrs51HB8AbJe8S4uxvB2D7Dkr";
$key = "aQkrZD/zwMFU0VAqjYSWsrkfJfS28pQJXym20UEYNnE=";
$res = decrypt_data(base64_decode($ctext), null, base64_decode($key));
echo $res;
?>
What I get is "7890123456789012abc".
