我在EVP_CIPHER_free中找不到openssl/evp.h之类的任何方法。我不需要释放EVP_CIPHERs吗?
答案 0 :(得分:4)
EVP_CipherInit_ex实际上是在EVP_CIPHER_CTX对象ectx中初始化变量,您将其作为第一个参数传递。请记得在您完成后致电EVP_CIPHER_CTX_cleanup(&ectx)。
答案 1 :(得分:0)
您可以在this page的底部清楚地看到
EVP_CIPHER *cipher = NULL;
/* some stuff */
EVP_CIPHER_free(cipher);
完整代码:
int encrypt(const unsigned char *key, const unsigned char *iv,
const unsigned char *msg, size_t msg_len, unsigned char *out)
{
/*
* This assumes that key size is 32 bytes and the iv is 16 bytes.
* For ciphertext stealing mode the length of the ciphertext "out" will be
* the same size as the plaintext size "msg_len".
* The "msg_len" can be any size >= 16.
*/
int ret = 0, encrypt = 1, outlen, len;
EVP_CIPHER_CTX *ctx = NULL;
EVP_CIPHER *cipher = NULL;
OSSL_PARAM params[2];
ctx = EVP_CIPHER_CTX_new();
cipher = EVP_CIPHER_fetch(NULL, "AES-256-CBC-CTS", NULL);
if (ctx == NULL || cipher == NULL)
goto err;
/*
* The default is "CS1" so this is not really needed,
* but would be needed to set either "CS2" or "CS3".
*/
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_CIPHER_PARAM_CTS_MODE,
"CS1", 0);
params[1] = OSSL_PARAM_construct_end();
if (!EVP_CipherInit_ex2(ctx, cipher, key, iv, encrypt, params))
goto err;
/* NOTE: CTS mode does not support multiple calls to EVP_CipherUpdate() */
if (!EVP_CipherUpdate(ctx, encrypted, &outlen, msg, msglen))
goto err;
if (!EVP_CipherFinal_ex(ctx, encrypted + outlen, &len))
goto err;
ret = 1;
err:
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}