openssl evp 对称加密(AES_ecb,ccb)

evp.h 封装了openssl常用密码学工具,以下主要说对称加密的接口

1. 如下使用 aes_256_ecb 模式的加密解密测试代码

    unsigned char key[32] = {1};unsigned char iv[16] = {0};unsigned char *inStr = "this is test string";int inLen = strlen(inStr);int encLen = 0;int outlen = 0;unsigned char encData[1024];printf("source: %s\n",inStr);//加密EVP_CIPHER_CTX *ctx;ctx = EVP_CIPHER_CTX_new();EVP_CipherInit_ex(ctx, EVP_aes_256_ecb(), NULL, key, iv, 1);EVP_CipherUpdate(ctx, encData, &outlen, inStr, inLen);encLen = outlen;EVP_CipherFinal(ctx, encData+outlen, &outlen);encLen += outlen;EVP_CIPHER_CTX_free(ctx);//解密int decLen = 0;outlen = 0;unsigned char decData[1024];EVP_CIPHER_CTX *ctx2;ctx2 = EVP_CIPHER_CTX_new();EVP_CipherInit_ex(ctx2, EVP_aes_256_ecb(), NULL, key, iv, 0);EVP_CipherUpdate(ctx2, decData, &outlen, encData, encLen);decLen = outlen;EVP_CipherFinal(ctx2, decData+outlen, &outlen);decLen += outlen;EVP_CIPHER_CTX_free(ctx2);decData[decLen] = '\0';printf("decrypt: %s\n",decData);

如上这种init,update,final的调用方式和之前 提供的哈希接口调用方式差不多

大致流程

EVP_CipherInit_ex 初始化加密使用的key,iv,算法模式,最后 一个参数,1表示加密,0表示解密

EVP_CipherUpdate 加密解密处理

EVP_CipherFinal 获取结果

2.  由上测试代码中 EVP_CipherInit_ex(ctx, EVP_aes_256_ecb(), NULL, key, iv, 1); 使用的算法模式为  EVP_aes_256_ecb()

根据接口 evp.h可知其他的对称加密算法有如下

const EVP_CIPHER *EVP_des_ecb(void);
const EVP_CIPHER *EVP_des_ede(void);
const EVP_CIPHER *EVP_des_ede3(void);
...
const EVP_CIPHER *EVP_idea_ecb(void);
const EVP_CIPHER *EVP_idea_cfb64(void);
const EVP_CIPHER *EVP_idea_ofb(void);
.....
const EVP_CIPHER *EVP_bf_cbc(void);
const EVP_CIPHER *EVP_bf_cfb64(void);
.....
const EVP_CIPHER *EVP_cast5_ecb(void);
const EVP_CIPHER *EVP_cast5_cbc(void);
.....
const EVP_CIPHER *EVP_aes_128_ecb(void);
const EVP_CIPHER *EVP_aes_128_cbc(void);
const EVP_CIPHER *EVP_aes_128_cfb1(void);
......
const EVP_CIPHER *EVP_aes_256_ecb(void);
const EVP_CIPHER *EVP_aes_256_cbc(void);
const EVP_CIPHER *EVP_aes_256_cfb1(void);
....
const EVP_CIPHER *EVP_camellia_128_cfb1(void);
const EVP_CIPHER *EVP_camellia_128_cfb8(void);
const EVP_CIPHER *EVP_camellia_128_cfb128(void);
......//以上省略表示还有很多,这里只是列出部分

选取相应的算法对应修改上面的测试代码即可,实现对称加密体系中其他算法的加密解密

3. EVP中对称加密的主要接口有

__owur int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,const unsigned char *key, const unsigned char *iv);
/*__owur*/ int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,const unsigned char *key,const unsigned char *iv);
/*__owur*/ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,int *outl, const unsigned char *in, int inl);
/*__owur*/ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,int *outl);
/*__owur*/ int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out,int *outl);__owur int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,const unsigned char *key, const unsigned char *iv);
/*__owur*/ int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,const unsigned char *key,const unsigned char *iv);
/*__owur*/ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,int *outl, const unsigned char *in, int inl);
__owur int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,int *outl);
/*__owur*/ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,int *outl);__owur int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *cipher,const unsigned char *key, const unsigned char *iv,int enc);
/*__owur*/ int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx,const EVP_CIPHER *cipher, ENGINE *impl,const unsigned char *key,const unsigned char *iv, int enc);
__owur int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,int *outl, const unsigned char *in, int inl);
__owur int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm,int *outl);
__owur int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm,int *outl);

4. 上面的例子之中,我使用的是EVP_Cipher相关api处理的对称加密

如下,我们还可以直接使用上面的 EVP_Encrypt,EVP_Decrypt 接口来处理加密解密

封装加密解密

//加密
int kk_encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,unsigned char *iv, unsigned char *ciphertext)
{EVP_CIPHER_CTX *ctx;int len;int ciphertext_len;ctx = EVP_CIPHER_CTX_new();EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len);ciphertext_len = len;EVP_EncryptFinal_ex(ctx, ciphertext + len, &len);ciphertext_len += len;EVP_CIPHER_CTX_free(ctx);return ciphertext_len;
}//解密
int kk_decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,unsigned char *iv, unsigned char *plaintext)
{EVP_CIPHER_CTX *ctx;int len;int plaintext_len;ctx = EVP_CIPHER_CTX_new();EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv);EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len);plaintext_len = len;EVP_DecryptFinal_ex(ctx, plaintext + len, &len);plaintext_len += len;EVP_CIPHER_CTX_free(ctx);return plaintext_len;
}

调用测试:

    unsigned char key[32] = {8};unsigned char iv[16] = {6};unsigned char *plaintext = (unsigned char *)"This is Test Plain Data,This is Test Plain Data.";unsigned char ciphertext[128];unsigned char decryptedtext[128];int decryptedtext_len, ciphertext_len;printf("source is: \n%s\n",plaintext);//加密ciphertext_len = kk_encrypt (plaintext, strlen ((char *)plaintext), key, iv,ciphertext);//解密decryptedtext_len = kk_decrypt(ciphertext, ciphertext_len, key, iv,decryptedtext);decryptedtext[decryptedtext_len] = '\0';printf("Decrypted text is:\n");printf("%s\n", decryptedtext);

和上面第一个例子的流程差不多,修改其中的对称体系使用的算法即可实现其他算法处理

5. 如果不使用EVP提供的接口,当然还可以直接使用 aes.h 提供的接口

主要接口有

/* This should be a hidden type, but EVP requires that the size be known */
struct aes_key_st {
# ifdef AES_LONGunsigned long rd_key[4 * (AES_MAXNR + 1)];
# elseunsigned int rd_key[4 * (AES_MAXNR + 1)];
# endifint rounds;
};
typedef struct aes_key_st AES_KEY;const char *AES_options(void);int AES_set_encrypt_key(const unsigned char *userKey, const int bits,AES_KEY *key);
int AES_set_decrypt_key(const unsigned char *userKey, const int bits,AES_KEY *key);void AES_encrypt(const unsigned char *in, unsigned char *out,const AES_KEY *key);
void AES_decrypt(const unsigned char *in, unsigned char *out,const AES_KEY *key);void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,const AES_KEY *key, const int enc);
void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, const int enc);
void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, int *num, const int enc);
void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, int *num, const int enc);
void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, int *num, const int enc);
void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, int *num);
/* NB: the IV is _two_ blocks long */
void AES_ige_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,unsigned char *ivec, const int enc);
/* NB: the IV is _four_ blocks long */
void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,size_t length, const AES_KEY *key,const AES_KEY *key2, const unsigned char *ivec,const int enc);int AES_wrap_key(AES_KEY *key, const unsigned char *iv,unsigned char *out,const unsigned char *in, unsigned int inlen);
int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,unsigned char *out,const unsigned char *in, unsigned int inlen);

测试接口AES_encrypt,AES_decrypt

//测试1
void kk_aes_encrypt(char *inData,char *key,char *outData)
{AES_KEY encKey;AES_set_encrypt_key(key, 128, &encKey);int inLen = strlen(inData);int encLen = 0;//分组加密while (encLen <inLen) {AES_encrypt(inData, outData, &encKey);inData += AES_BLOCK_SIZE;outData+=AES_BLOCK_SIZE;encLen +=AES_BLOCK_SIZE;}}void kk_aes_decrypt(char *inData,char *key,char *outData)
{AES_KEY decKey;AES_set_decrypt_key(key, 128, &decKey);int inLen = strlen(inData);int decLen = 0;//分组处理while (decLen < inLen) {AES_decrypt(inData, outData, &decKey);inData += AES_BLOCK_SIZE;outData+=AES_BLOCK_SIZE;decLen +=AES_BLOCK_SIZE;}
}//测试
void testSIMPLEAES()
{char *key = "this key";char *ins = "test str dat,test str dat,test str dat,test str dat,QQQS";printf("src:%s\n",ins);char *encDT = malloc(strlen(ins));kk_aes_encrypt(ins, key, encDT);char *decDT = malloc(strlen(encDT));kk_aes_decrypt(encDT, key, decDT);printf("dec:%s\n",decDT);
}

测试AES_cbc_encrypt接口

    AES_KEY encKEy;unsigned char *uk = "uk123";char encIV[AES_BLOCK_SIZE] = {0};AES_set_encrypt_key(uk, 128, &encKEy);char *inStr = "This wiki is intended as a place for collecting, organizing, and refining useful information about OpenSSL that is currently strewn among multiple locations and formats.";char *encData = malloc(1024);AES_cbc_encrypt(inStr, encData, strlen(inStr), &encKEy, encIV, AES_ENCRYPT);printf("src:%s\n",inStr);AES_KEY decKey;AES_set_decrypt_key(uk, 128, &decKey);char decIV[AES_BLOCK_SIZE] = {0};char *decData = malloc(1024);AES_cbc_encrypt(encData,decData, strlen(encData), &decKey, decIV, AES_DECRYPT);decData[strlen(inStr)] = '\0';printf("dec:%s\n",decData);if (strcmp(inStr, decData)==0) {printf("PASS\n");}

openssl evp相关推荐

  1. fatal error: openssl/evp.h: 没有那个文件或目录

    在陆佳华<嵌入式系统软硬件协同设计实战指南 第2版>一书的第13章节 编译U-boot时会遇到2个错误.原因很简单,就从一开始的错误提示着手: fatal error: openssl/e ...

  2. openssl evp 对称加密(AES_ecb,ccb)

    openssl evp 对称加密(AES_ecb,ccb) evp.h 封装了openssl常用密码学工具,以下主要说对称加密的接口 1. 如下使用 aes_256_ecb 模式的加密解密测试代码 u ...

  3. openssl之EVP系列之12---EVP_Seal系列函数介绍

    openssl之EVP系列之12---EVP_Seal系列函数介绍     ---根据openssl doc/crypto/EVP_SealInit.pod翻译和自己的理解写成     (作者:Dra ...

  4. OpenSSL中文手册之EVP库详解

    1EVP 概览 1.1 EVP 简介   Openssl EVP(high-level cryptographic functions[1])提供了丰富的密码学中的各种函数.Openssl 中实现了各 ...

  5. openssl之EVP系列之5---EVP_Encrypt系列函数具体解释(二)

    openssl之EVP系列之5---EVP_Encrypt系列函数详细解释(二)     ---依据openssl doc/crypto/EVP_EncryptInit.pod和doc/ssleay. ...

  6. OpenSSL中的EVP接口

    索引 摘要算法(Digest) 获取EVP_MD Digest API 例子 对称加密(Cipher) 获取EVP_CIPHER Cipher API 上下文管理 Encrypt API Decryp ...

  7. Linux/Centos: OpenSSL中文手册之EVP库详解

    1EVP 概览 1.1 EVP 简介   Openssl EVP(high-level cryptographic functions[1])提供了丰富的密码学中的各种函数.Openssl 中实现了各 ...

  8. OpenSSL之调用EVP框架实现AES多种加密模式

    OpenSSL之调用EVP框架实现AES多种加密模式 一.OpenSSL EVP简介 二.EVP中对称加密与解密流程 三.通过EVP实现AES多种加密模式 四.测试代码 原文链接: https://b ...

  9. 基于openssl的EVP对称加密C语言实战案例

    根据解密算法代码反推实现加密算法 说明 先上已经实现的解密代码 加密接口实现 参考 说明 为保证项目安全,本文章使用的加解密相关的代码变量szSalt,szKey,nrounds,gszKey等变量为 ...

最新文章

  1. clientdataset 用法
  2. SQL的优化和注意事项
  3. 背包九讲之四(混合三种背包问题)
  4. centos7 rpm方式离线安装mysql注意点:需先卸载mariadb(rpm -e mariadb-libs --nodeps)
  5. kswapd0 挖矿_bioset linux_linux bioset 进程 腾讯云
  6. 分治法在排序算法中的应用(JAVA)--快速排序(Lomuto划分、Hoare划分、随机化快排)
  7. MYSQL 批量Insert ID顺序生成(仿雪花算法)
  8. 中国移动回应“5G消息APP”下架:并非面向客户商用发布的产品
  9. PaddlePaddle中内置数据集分析
  10. ios touch坐标_iOS 3D Touch –窥视与流行
  11. RabbitMQ的项目实际应用
  12. 问卷调查 java_java网络问卷调查系统
  13. 有序表,二叉排序树,二叉平衡树平均查找长度比较例题 二叉平衡树的高度
  14. 普罗米修斯 Prometheus
  15. 百度快照劫持之JS劫持诊断与恢复教程
  16. mac删除ssh key_好用的mac终端命令仿真工具
  17. ubuntu上网显示找不到服务器,解决ubuntu中firefox浏览器总是提示找不到服务器的问题...
  18. 教你怎么不添加付款方式订阅苹果arcade
  19. 又一打脸现场!Fork Bunny 的 Merlin 损失 240 ETH
  20. JDBC 事务和 JTA 事务的区别

热门文章

  1. Ubuntu18.04安装ROS(melodic)
  2. 电路设计和电气识图知识点是相互关联的,PLC上位机入门应该知道
  3. 8086 微型计算机原理和应用,微型计算机原理与应用.ppt
  4. npm下载包,npm常用包下载记录,npm包大全
  5. p2p显示kad能连接 服务器未连接,P2P连不上kad网络怎么办
  6. 关于海外问卷调查的一些问题
  7. 总结:js世界中的特殊符号
  8. web项目连接数据库时找不到数据库驱动的解决办法
  9. C/C++语言100题练习计划 94——矩阵转置(线性代数)
  10. 关于http请求返回code:415的原因