openssl EVP在解密时随机失败

时间:2015-02-05 15:13:29

标签: c++ c encryption openssl

我在使用更高级别的信封解密openssl/evp.h时遇到问题 当我尝试使用相同的值多次运行相同的程序时,EVP_OpenFinalEVP_OpenInit会随机失败。我正在研究它最近5天但没有运气。我在这里写完整的代码。请帮帮我。如果有人可以尝试重现错误,那就太好了,让我知道我错在哪里。

错误讯息:

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
4944:error:0606506D:lib(6):func(101):reason(109):.\crypto\evp\evp_enc.c:460:

这是代码

#include <iostream>
#include <openssl/pem.h>
#include <openssl/ssl.h>
#include <openssl/rsa.h>
#include <openssl/evp.h>
#include <openssl/bio.h>
#include <openssl/err.h>
#include <stdio.h>

void handleErrors(void);
int envelope_seal(EVP_PKEY **pub_key, unsigned char *plaintext, int plaintext_len,
                  unsigned char **encrypted_key, int *encrypted_key_len, unsigned char *iv,
                  unsigned char *ciphertext);
int envelope_open(EVP_PKEY *priv_key, unsigned char *ciphertext, int ciphertext_len,
                  unsigned char *encrypted_key, int encrypted_key_len, unsigned char *iv,
                  unsigned char *plaintext);

using namespace std;

int main()
{
    RSA *rsa_pubkey= RSA_new();
    RSA *rsa_prikey= RSA_new();
    EVP_PKEY *evp_pubkey = EVP_PKEY_new();
    EVP_PKEY *evp_prikey = EVP_PKEY_new();
    FILE *rsa_prikey_file = NULL;
    FILE *rsa_pubkey_file = NULL;
    rsa_pubkey_file = fopen("pubkey.pem", "r");
    if (!rsa_pubkey_file)
    {
        fprintf(stderr, "Error loading PEM RSA Public Key File.\n");
        exit(2);
    }

    PEM_read_RSA_PUBKEY(rsa_pubkey_file, &rsa_pubkey,NULL, NULL);

    EVP_PKEY_assign_RSA(evp_pubkey,rsa_pubkey);

    rsa_prikey_file = fopen("key.pem", "r");
    if (!rsa_prikey_file)
    {
        fprintf(stderr, "Error loading PEM RSA private Key File.\n");
        exit(2);
    }
    PEM_read_RSAPrivateKey(rsa_prikey_file, &rsa_prikey,NULL, NULL);

    EVP_PKEY_assign_RSA(evp_prikey,rsa_prikey);


    unsigned char *plaintext = (unsigned char*) "The quick brown fox jumps over thes lazy dog";
    unsigned char ciphertext[256] = {};
    unsigned char plaintextt[256] = {};
    int ciphertextlength;
    unsigned char *encKey  = (unsigned char*)malloc(RSA_size(rsa_pubkey));
    unsigned char iv[16] = {};


    envelope_seal(&evp_pubkey, plaintext,strlen((const char*)plaintext),&encKey, &ciphertextlength,iv,ciphertext);

    envelope_open(evp_prikey, ciphertext, strlen((const char*)ciphertext), encKey, strlen((const char*)encKey),iv,plaintextt);

    std::cout <<"Result: "<<plaintextt<<std::endl;

    EVP_PKEY_free(evp_pubkey);
    EVP_PKEY_free(evp_prikey);
    free(ciphertext);
    free(encKey);

}

int envelope_seal(EVP_PKEY **pub_key, unsigned char *plaintext, int plaintext_len,
                  unsigned char **encrypted_key, int *encrypted_key_len, unsigned char *iv,
                  unsigned char *ciphertext)
{
    EVP_CIPHER_CTX *ctx;

    int ciphertext_len;

    int len;

    if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();

    if(1 != EVP_SealInit(ctx, EVP_aes_128_cbc(),
                         encrypted_key,
                         encrypted_key_len,
                         iv,
                         pub_key, 1))
    {
        handleErrors();
    }

    if(1 != EVP_SealUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
    {
        handleErrors();
    }
    ciphertext_len = len;

    if(1 != EVP_SealFinal(ctx, ciphertext + len, &len))
    {
        handleErrors();
    }
    ciphertext_len += len;

    EVP_CIPHER_CTX_free(ctx);

    return ciphertext_len;
}



int envelope_open(EVP_PKEY *priv_key, unsigned char *ciphertext, int ciphertext_len,
                  unsigned char *encrypted_key, int encrypted_key_len, unsigned char *iv,
                  unsigned char *plaintext)
{
    EVP_CIPHER_CTX *ctx;

    int len;

    int plaintext_len;

    if(!(ctx = EVP_CIPHER_CTX_new()))
    {
        handleErrors();
    }

    if(1 != EVP_OpenInit(ctx, EVP_aes_128_cbc(), encrypted_key,
                         encrypted_key_len, iv, priv_key))
    {
        handleErrors();
    }

    if(1 != EVP_OpenUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
    {
        handleErrors();
    }
    plaintext_len = len;

    if(1 != EVP_OpenFinal(ctx, plaintext + len, &len))
    {
        handleErrors();
    }
    plaintext_len += len;

    EVP_CIPHER_CTX_free(ctx);
    plaintext[plaintext_len] = '\0';

    return plaintext_len;
}


void handleErrors(void)
{
    perror("Error: ");
    ERR_print_errors_fp(stderr);
    abort();
}

2 个答案:

答案 0 :(得分:2)

envelope_seal()返回加密字符串的长度,我必须将此长度放在envelope_open()

int **length** = envelope_seal(&evp_pubkey, plaintext,strlen((const char*)plaintext),&encKey, &ciphertextlength,iv,ciphertext);
envelope_open(evp_prikey, ciphertext, **length**, encKey, strlen((const char*)encKey),iv,plaintextt);

答案 1 :(得分:2)

随机崩溃是由envelope_sealenvelope_open之前的长度计算引起的。长度应该如下:

unsigned char *plaintext = (unsigned char*) "The quick brown fox jumps over thes lazy dog";
int ciphertextlength;
unsigned int enclen = EVP_PKEY_size(evp_prikey);
unsigned char *encKey  = (unsigned char*)malloc(enclen);
unsigned char *ciphertext = (unsigned char*)malloc(enclen);
unsigned char plaintextt[enclen] = {};
unsigned char iv[16] = {};


unsigned int length = envelope_seal(&evp_pubkey, plaintext,strlen((const char*)plaintext),&encKey, &ciphertextlength,iv,ciphertext);
envelope_open(evp_prikey, ciphertext, length, encKey, enclen,iv,plaintextt);

正如您的答案所述,envelope_seal会返回大小。由于char*的尺寸小于plaintext时总是发生崩溃,因此无法获得48的尺寸。