使用openssl进行AES 128 CTR 加密、解密
AES128-CTR方式,属于对称加密的一种。
这里有一篇讲解对称和非对称加密非常通俗易懂的文章:
https://segmentfault.com/a/61428
#include <stdlib.h> #include <stdio.h> #include <string.h> #include <openssl/evp.h> void handleErrors(void) { ERR_print_errors_fp(stderr); abort(); } int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, unsigned char *iv, unsigned char *ciphertext) { EVP_CIPHER_CTX *ctx; int len; int ciphertext_len; /* Create and initialise the context */ if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); /* Initialise the encryption operation. IMPORTANT - ensure you use a key * and IV size appropriate for your cipher * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key, iv)) handleErrors(); /* Provide the message to be encrypted, and obtain the encrypted output. * EVP_EncryptUpdate can be called multiple times if necessary */ if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)) handleErrors(); ciphertext_len = len; /* Finalise the encryption. Further ciphertext bytes may be written at * this stage. */ if (1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors(); ciphertext_len += len; /* Clean up */ EVP_CIPHER_CTX_free(ctx); return ciphertext_len; } int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *iv, unsigned char *plaintext) { EVP_CIPHER_CTX *ctx; int len; int plaintext_len; /* Create and initialise the context */ if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); /* Initialise the decryption operation. IMPORTANT - ensure you use a key * and IV size appropriate for your cipher * In this example we are using 256 bit AES (i.e. a 256 bit key). The * IV size for *most* modes is the same as the block size. For AES this * is 128 bits */ if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key, iv)) handleErrors(); /* Provide the message to be decrypted, and obtain the plaintext output. * EVP_DecryptUpdate can be called multiple times if necessary */ if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) handleErrors(); plaintext_len = len; /* Finalise the decryption. Further plaintext bytes may be written at * this stage. */ if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors(); plaintext_len += len; /* Clean up */ EVP_CIPHER_CTX_free(ctx); return plaintext_len; } int main(int argc, char const *argv[]) { /* A 256 bit key */ unsigned char *key = (unsigned char *)"0"; /* A 128 bit IV */ unsigned char *iv = (unsigned char *)"02345"; /* Message to be encrypted */ unsigned char *plaintext = "The quick brown fox jumps over the lazy dog"; /* Buffer for ciphertext. Ensure the buffer is long enough for the * ciphertext which may be longer than the plaintext, dependant on the * algorithm and mode */ unsigned char ciphertext[128]; /* Buffer for the decrypted text */ unsigned char decryptedtext[128]; int decryptedtext_len, ciphertext_len; printf("Plaintext is:\n%s~\n", plaintext); /* Encrypt the plaintext */ ciphertext_len = encrypt(plaintext, strlen(plaintext), key, iv, ciphertext); /* Do something useful with the ciphertext here */ printf("Ciphertext is %d bytes long:\n", ciphertext_len); BIO_dump_fp(stdout, ciphertext, ciphertext_len); /* Decrypt the ciphertext */ decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv, decryptedtext); /* Add a NULL terminator. We are expecting printable text */ decryptedtext[decryptedtext_len] = '\0'; /* Show the decrypted text */ printf("Decrypted text is:\n"); printf("%s~\n", decryptedtext); return 0; }
编译
gcc openssl-aes-128-ctr.c -lssl -lcrypto
运行效果
Plaintext is: The quick brown fox jumps over the lazy dog~ Ciphertext is 43 bytes long: 0000 - 0b 15 95 9f 61 4f e5 29-8d da cf eb 69 db 55 0a ....aO.)....i.U. 0010 - 00 58 58 fa 7c 6f d0 52-52 53 73 61 1b 08 2e 03 .XX.|o.RRSsa.... 0020 - a2 d1 16 0c 98 4b f5 c7-43 6c ca .....K..Cl. Decrypted text is: The quick brown fox jumps over the lazy dog~