OpenSSL AES 128 CBC 崩溃加密字符*
OpenSSL AES 128 CBC crash encrypted char*
我在使用 OpenSSL AES(包含 aes.h)时遇到了问题:
-
读取二进制文件(.pdf、.jpg)或一些 .xml、.txt 文件,大约 5000 个字符,然后进行 base64 编码。
-
当我尝试用 AES 加密时,得到的输出长度不对(随机为 400、200、50),我的 AES 密钥是从以下字符中随机选取的 128 位:[abcdefghijklmnopqrstuvwxyz0123456789,.-@#&*oeOE¯_]
我认为问题出在加密结果中的 '\0' 字符,但我不知道该如何加密输入(std::string 可以保存含有 '\0' 元素的 char 数组,而 unsigned char* 和 char* 会在 '\0' 处被截断)
这是我的代码:
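// Encrypts `in` with AES-128-CBC under the key text in `KS` and returns the
// raw ciphertext bytes.
//
// The returned std::string is binary: it can contain '\0' bytes anywhere, so
// callers must use size()/data() and never treat it as a C string. Treating the
// ciphertext as NUL-terminated is what truncates the output to a seemingly
// random length.
//
// The plaintext is padded PKCS#7-style to a whole number of AES blocks (1..16
// bytes are always appended), so the decrypting side has to strip that padding.
//
// NOTE(review): the IV is fixed to all zeroes, so equal plaintext prefixes give
// equal ciphertext prefixes under the same key. A fresh random IV per message,
// stored with the ciphertext, is needed; that changes the output format and is
// therefore flagged here rather than changed.
// NOTE(review): CBC gives no integrity protection; pair the ciphertext with a
// MAC or move to an authenticated mode through the EVP interface. The low-level
// AES_* functions are deprecated in OpenSSL 3.0.
std::string PFHelper::ASE_encode(std::string in, wchar_t* KS)
{
    // presumably converts the wide key text to a byte string - confirm against the helper
    std::string KS_string = PFHelper::ConvertFromUtf8ToString(KS);

    // Fixed 16-byte key buffer. The key text is copied with an explicit bound:
    // strcpy() wrote a terminating NUL (and any extra bytes) past a 16-byte
    // allocation. Shorter text is zero-padded, longer text is truncated.
    // NOTE(review): a key typed from printable characters carries far less than
    // 128 bits of entropy; derive it with a KDF or use random bytes, and
    // consider rejecting any key text that is not exactly 16 bytes.
    unsigned char aes_key[16];
    memset(aes_key, 0x00, sizeof(aes_key));
    const size_t key_bytes = KS_string.length() < sizeof(aes_key) ? KS_string.length() : sizeof(aes_key);
    memcpy(aes_key, KS_string.data(), key_bytes);

    unsigned char iv[AES_BLOCK_SIZE];
    memset(iv, 0x00, AES_BLOCK_SIZE);

    // Padded length: the next multiple of the block size strictly above in.length().
    const size_t encslength = ((in.length() + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
    const size_t pad_len = encslength - in.length();

    // Build the padded plaintext in a buffer that really is encslength bytes
    // long; the original passed encslength while the input buffer held only
    // in.length() bytes, so the cipher read past the allocation.
    std::string padded(in);
    padded.append(pad_len, static_cast<char>(pad_len));

    std::string enc_out(encslength, '\0');

    AES_KEY enc_key;
    if (AES_set_encrypt_key(aes_key, 128, &enc_key) != 0)
    {
        // Key schedule setup failed: wipe secrets and report failure as an empty result.
        memset(aes_key, 0x00, sizeof(aes_key));
        memset(&padded[0], 0x00, padded.size());
        return std::string();
    }

    AES_cbc_encrypt(reinterpret_cast<const unsigned char*>(padded.data()),
                    reinterpret_cast<unsigned char*>(&enc_out[0]),
                    encslength, &enc_key, iv, AES_ENCRYPT);

    // Best-effort wipe of key material and the plaintext copy. A plain memset
    // before the end of a function may be optimised away; OPENSSL_cleanse()
    // from <openssl/crypto.h> is the preferred call where that header is available.
    memset(aes_key, 0x00, sizeof(aes_key));
    memset(&enc_key, 0x00, sizeof(enc_key));
    memset(&padded[0], 0x00, padded.size());

    // Return every ciphertext byte with its explicit length.
    return enc_out;
}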
样本值:
KS (AESKey): L"F-ZTNW meojlk15 "
in(5464chars): PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVR.....
(51个字符):"©¦ľ"Ň·优化Ś8 nžęwřeůl2ěYßJ2¨ßňO×ohX,Ž~ŚČ"e
我也尝试了 EVP 接口和普通的 char 密钥,问题相同:
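//set back to normal
// NOTE(review): only the body of the function is shown on the page; `in` is
// presumably the std::string plaintext parameter and the function presumably
// returns std::string, as ASE_encode does - confirm against the full source.

// The plaintext is passed by pointer and length; no strcpy() copy is made,
// because strcpy() stops at the first '\0' and writes one byte past a buffer of
// in.length() bytes.
const unsigned char *plain = reinterpret_cast<const unsigned char *>(in.data());

/* A 256 bit key */
// NOTE(review): hard-coded test key; real keys must come from a CSPRNG or a KDF.
const unsigned char *key = (const unsigned char *)"01234567890123456789012345678901";
/* A 128 bit IV */
// NOTE(review): the literal is 17 characters; AES-CBC uses only the first 16.
// A fixed IV must not be reused across messages.
const unsigned char *iv = (const unsigned char *)"01234567890123456";

// CBC with padding can emit up to one block more than the input, so the output
// buffer needs in.length() + AES_BLOCK_SIZE bytes (the original had in.length()).
std::string enc_out(in.length() + AES_BLOCK_SIZE, '\0');
unsigned char *out = reinterpret_cast<unsigned char *>(&enc_out[0]);

int update_len = 0;
int final_len = 0;

//Set up encryption
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (ctx == NULL)
{
    wcout << L"0";
    return std::string();
}
if (EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv) != 1)
{
    wcout << L"1";
    EVP_CIPHER_CTX_free(ctx);
    return std::string();
}
if (EVP_EncryptUpdate(ctx, out, &update_len, plain, static_cast<int>(in.length())) != 1)
{
    wcout << L"2";
    EVP_CIPHER_CTX_free(ctx);
    return std::string();
}
// The final block goes after the bytes already written; writing it at the
// start of the buffer overwrote the first ciphertext block.
if (EVP_EncryptFinal_ex(ctx, out + update_len, &final_len) != 1)
{
    wcout << L"3";
    EVP_CIPHER_CTX_free(ctx);
    return std::string();
}
EVP_CIPHER_CTX_free(ctx);

// Ciphertext is binary and may contain '\0'; keep the explicit length instead
// of converting through a NUL-terminated pointer.
enc_out.resize(static_cast<size_t>(update_len) + static_cast<size_t>(final_len));
return enc_out;
}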
下面是一个示例,演示如何在使用 OpenSSL 的 EVP 接口的同时,用 std::string 来管理缓冲区。这也避免了你代码中多余的复制。你还需要改进你的密钥管理策略。
你应该提供一个会清零内存的分配器(zeroizing allocator)。你还应该考虑使用认证加密模式,因为 CBC 本身无法检测密文是否被篡改。
用 g++ -std=c++11 test.cxx -o test.exe -lcrypto 编译:
#include <iostream>
#include <limits>
#include <memory>
#include <stdexcept>
#include <string>
using namespace std;
#include <openssl/crypto.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
// Key and cipher block sizes in bytes; both are 16.
static constexpr unsigned int KEY_SIZE = 16;
static constexpr unsigned int BLOCK_SIZE = 16;

// Raw octet type used for key, IV and cipher buffers.
// NOTE(review): C++17 adds std::byte; with `using namespace std;` in effect an
// unqualified `byte` may become ambiguous when building with -std=c++17 or later.
using byte = unsigned char;

// Owning handle for a cipher context: EVP_CIPHER_CTX_free runs when it goes out of scope.
typedef std::unique_ptr<EVP_CIPHER_CTX, decltype(&::EVP_CIPHER_CTX_free)> EVP_CIPHER_CTX_free_ptr;

// Fills `key` and `iv` with random bytes.
void gen_keys(byte key[KEY_SIZE], byte iv[BLOCK_SIZE]);
// Encrypts `ptext` into `ctext`.
void encrypt(const byte key[KEY_SIZE], const byte iv[BLOCK_SIZE], const string& ptext, string& ctext);
// Decrypts `ctext` into `rtext`.
void decrypt(const byte key[KEY_SIZE], const byte iv[BLOCK_SIZE], const string& ctext, string& rtext);
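// Demo driver: generates a random key and IV, encrypts a fixed message,
// decrypts it again and prints the recovered text.
// Returns 0 on success and 1 if any step throws.
int main(int argc, char* argv[])
{
    (void)argc;
    (void)argv;

    // plaintext, ciphertext, recovered text
    string ptext = "Now is the time for all good men to come to the aide of their country";
    string ctext, rtext;
    byte key[KEY_SIZE], iv[BLOCK_SIZE];
    int status = 0;

    try
    {
        gen_keys(key, iv);
        encrypt(key, iv, ptext, ctext);
        decrypt(key, iv, ctext, rtext);
        // The page shows "message:n"; the backslash of the newline escape was lost.
        cout << "Recovered message:\n" << rtext << endl;
    }
    catch (const std::exception& e)
    {
        // Report the failing step instead of terminating through an uncaught exception.
        cerr << e.what() << endl;
        status = 1;
    }

    // Wipe key material on every path; OPENSSL_cleanse is not optimised away
    // the way a trailing memset can be.
    OPENSSL_cleanse(key, KEY_SIZE);
    OPENSSL_cleanse(iv, BLOCK_SIZE);
    return status;
}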
// Fills `key` (KEY_SIZE bytes) and then `iv` (BLOCK_SIZE bytes) with output of
// RAND_bytes. Throws runtime_error if either call does not return 1.
void gen_keys(byte key[KEY_SIZE], byte iv[BLOCK_SIZE])
{
    const bool key_ok = (RAND_bytes(key, KEY_SIZE) == 1);
    if (!key_ok)
    {
        throw runtime_error("RAND_bytes key failed");
    }

    const bool iv_ok = (RAND_bytes(iv, BLOCK_SIZE) == 1);
    if (!iv_ok)
    {
        throw runtime_error("RAND_bytes for iv failed");
    }
}
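// Encrypts `ptext` with AES-128-CBC under `key`/`iv` and stores the ciphertext
// (padded by the EVP layer) in `ctext`. `ctext` is binary and may contain '\0'.
// Throws runtime_error if the input is too large for the int lengths the EVP
// calls take, if no cipher context can be allocated, or if an EVP call fails.
//
// The IV has to be fresh and unpredictable for every message under the same
// key. CBC gives no integrity protection, so callers that accept ciphertext
// from elsewhere should add a MAC or use an authenticated mode.
void encrypt(const byte key[KEY_SIZE], const byte iv[BLOCK_SIZE], const string& ptext, string& ctext)
{
    // EVP_EncryptUpdate takes an int length; reject sizes that would wrap in the cast.
    if (ptext.size() > static_cast<size_t>(std::numeric_limits<int>::max()) - BLOCK_SIZE)
        throw runtime_error("plaintext too large");

    EVP_CIPHER_CTX_free_ptr ctx(EVP_CIPHER_CTX_new(), ::EVP_CIPHER_CTX_free);
    // EVP_CIPHER_CTX_new returns NULL on allocation failure; do not hand that to the EVP calls.
    if (!ctx)
        throw runtime_error("EVP_CIPHER_CTX_new failed");

    int rc = EVP_EncryptInit_ex(ctx.get(), EVP_aes_128_cbc(), NULL, key, iv);
    if (rc != 1)
        throw runtime_error("EVP_EncryptInit_ex failed");

    // Cipher text will be up to one block larger than plain text
    ctext.resize(ptext.size() + BLOCK_SIZE);

    int out_len1 = 0;
    rc = EVP_EncryptUpdate(ctx.get(), reinterpret_cast<byte*>(&ctext[0]), &out_len1,
                           reinterpret_cast<const byte*>(ptext.data()), static_cast<int>(ptext.size()));
    if (rc != 1)
        throw runtime_error("EVP_EncryptUpdate failed");

    // The final (padding) block is written directly after the bytes produced so far.
    int out_len2 = 0;
    rc = EVP_EncryptFinal_ex(ctx.get(), reinterpret_cast<byte*>(&ctext[0]) + out_len1, &out_len2);
    if (rc != 1)
        throw runtime_error("EVP_EncryptFinal_ex failed");

    // Trim to the number of bytes actually written.
    ctext.resize(out_len1 + out_len2);
}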
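// Decrypts AES-128-CBC ciphertext `ctext` under `key`/`iv` into `rtext`.
// Throws runtime_error if the input is too large for the int lengths the EVP
// calls take, if no cipher context can be allocated, or if an EVP call fails;
// on failure `rtext` is wiped and left empty so no partial plaintext escapes.
//
// A failure of EVP_DecryptFinal_ex means the padding did not check out. That is
// not authentication: when ciphertext can come from an untrusted party, verify
// a MAC before decrypting (or use an authenticated mode) and do not let callers
// tell a padding failure apart from other errors.
void decrypt(const byte key[KEY_SIZE], const byte iv[BLOCK_SIZE], const string& ctext, string& rtext)
{
    // EVP_DecryptUpdate takes an int length; reject sizes that would wrap in the cast.
    if (ctext.size() > static_cast<size_t>(std::numeric_limits<int>::max()) - BLOCK_SIZE)
        throw runtime_error("ciphertext too large");

    EVP_CIPHER_CTX_free_ptr ctx(EVP_CIPHER_CTX_new(), ::EVP_CIPHER_CTX_free);
    // EVP_CIPHER_CTX_new returns NULL on allocation failure; do not hand that to the EVP calls.
    if (!ctx)
        throw runtime_error("EVP_CIPHER_CTX_new failed");

    int rc = EVP_DecryptInit_ex(ctx.get(), EVP_aes_128_cbc(), NULL, key, iv);
    if (rc != 1)
        throw runtime_error("EVP_DecryptInit_ex failed");

    // Recovered text is never larger than the cipher text; one spare block is
    // reserved because the EVP documentation asks for input length plus block
    // size of output room. The final resize trims it.
    rtext.resize(ctext.size() + BLOCK_SIZE);

    int out_len1 = 0;
    rc = EVP_DecryptUpdate(ctx.get(), reinterpret_cast<byte*>(&rtext[0]), &out_len1,
                           reinterpret_cast<const byte*>(ctext.data()), static_cast<int>(ctext.size()));
    if (rc != 1)
    {
        OPENSSL_cleanse(&rtext[0], rtext.size());
        rtext.clear();
        throw runtime_error("EVP_DecryptUpdate failed");
    }

    // The last block is released only after its padding has been checked.
    int out_len2 = 0;
    rc = EVP_DecryptFinal_ex(ctx.get(), reinterpret_cast<byte*>(&rtext[0]) + out_len1, &out_len2);
    if (rc != 1)
    {
        OPENSSL_cleanse(&rtext[0], rtext.size());
        rtext.clear();
        throw runtime_error("EVP_DecryptFinal_ex failed");
    }

    // Trim to the number of plaintext bytes actually recovered.
    rtext.resize(out_len1 + out_len2);
}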