evp_decryptupdate正在给出分段故障
在使用openssl/evp.h库时的C中。
如果我这样做,
EVP_CIPHER_CTX_new();
EVP_DecryptInit(ctx, EVP_aes_256_wrap_pad(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, 32);
我将在最后一行中获得SEG故障,但是当我将EVP_AES_256_WRAP_PAD()更改为EVP_AES_128_ECB()并使所有其他参数保持相同的错误。
这是示例代码 工作
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
void dump_head(unsigned char *buf, size_t len)
{
unsigned end, i;
for (end = len; end > 0; end--)
if (buf[end-1] != 0)
break;
printf("buf = {");
for (i = 0; i < end; i++)
printf(" %02hhx,", buf[i]);
printf(" }\n");
}
int main(void)
{
unsigned char key[] = "0123456789abcdef";
unsigned char iv[] = "1234567887654321";
unsigned char indata[32] = "0123456789abcdeffedcba9876543210";
unsigned char buf[4096];
unsigned pos;
int cipher_len;
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, indata, 32);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
printf("Final!\n");
memset(buf, 0, sizeof(buf));
EVP_DecryptFinal_ex(ctx, buf, &cipher_len);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
return 0;
}
不工作,
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
void dump_head(unsigned char *buf, size_t len)
{
unsigned end, i;
for (end = len; end > 0; end--)
if (buf[end-1] != 0)
break;
printf("buf = {");
for (i = 0; i < end; i++)
printf(" %02hhx,", buf[i]);
printf(" }\n");
}
int main(void)
{
unsigned char key[] = "0123456789abcdef";
unsigned char iv[] = "1234567887654321";
unsigned char indata[32] = "0123456789abcdeffedcba9876543210";
unsigned char buf[4096];
unsigned pos;
int cipher_len;
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(ctx, EVP_aes_128_wrap_pad(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, indata, 32);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
printf("Final!\n");
memset(buf, 0, sizeof(buf));
EVP_DecryptFinal_ex(ctx, buf, &cipher_len);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
return 0;
}
您可以建议您还需要添加更多evp_aes_256_wrap_pad()的东西。
In c while using the openssl/evp.h library.
If I am doing
EVP_CIPHER_CTX_new();
EVP_DecryptInit(ctx, EVP_aes_256_wrap_pad(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, 32);
I am getting a seg fault in the last line but when I change the EVP_aes_256_wrap_pad() to EVP_aes_128_ecb() and keeping all other parameters same seg fault is gone.
Here is an example code
Working
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
void dump_head(unsigned char *buf, size_t len)
{
unsigned end, i;
for (end = len; end > 0; end--)
if (buf[end-1] != 0)
break;
printf("buf = {");
for (i = 0; i < end; i++)
printf(" %02hhx,", buf[i]);
printf(" }\n");
}
int main(void)
{
unsigned char key[] = "0123456789abcdef";
unsigned char iv[] = "1234567887654321";
unsigned char indata[32] = "0123456789abcdeffedcba9876543210";
unsigned char buf[4096];
unsigned pos;
int cipher_len;
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, indata, 32);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
printf("Final!\n");
memset(buf, 0, sizeof(buf));
EVP_DecryptFinal_ex(ctx, buf, &cipher_len);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
return 0;
}
Not working
#include <openssl/evp.h>
#include <stdio.h>
#include <string.h>
void dump_head(unsigned char *buf, size_t len)
{
unsigned end, i;
for (end = len; end > 0; end--)
if (buf[end-1] != 0)
break;
printf("buf = {");
for (i = 0; i < end; i++)
printf(" %02hhx,", buf[i]);
printf(" }\n");
}
int main(void)
{
unsigned char key[] = "0123456789abcdef";
unsigned char iv[] = "1234567887654321";
unsigned char indata[32] = "0123456789abcdeffedcba9876543210";
unsigned char buf[4096];
unsigned pos;
int cipher_len;
EVP_CIPHER_CTX *ctx;
ctx = EVP_CIPHER_CTX_new();
EVP_DecryptInit_ex(ctx, EVP_aes_128_wrap_pad(), NULL, key, iv);
EVP_DecryptUpdate(ctx, buf, &cipher_len, indata, 32);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
printf("Final!\n");
memset(buf, 0, sizeof(buf));
EVP_DecryptFinal_ex(ctx, buf, &cipher_len);
printf("Got %d\n", cipher_len);
dump_head(buf, sizeof(buf));
return 0;
}
Can you please suggest is there anything more that I have to add for EVP_aes_256_wrap_pad().
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
没有记录我可以找到的,并且可能实际上可能不支持,而是要使用
evp_ {cipher,egempt,decrypt}*在上下文:然后像您一样使用init_ex。
由于您没有设置此功能,因此您对Dectryit_ex的调用失败了,但是您忽略了返回代码,然后在非初始化的上下文中调用了Decryptupdate,该上下文崩溃了。您应始终从任何返回一个的OPENSL例程中检查返回代码。
但是,即使我设置了此标志,我怀疑dectryupdate返回0,因为您的数据不是有效 ciphertext的此算法(键盘算法包括完整性检查),尽管我希望它会将某些内容放入错误堆栈且没有。如果有时间,我会更深入地看待这一点。
It's not documented that I can find, and may not actually be supported, but to use a wrap-mode cipher in
EVP_{Cipher,Encrypt,Decrypt}*you must first set a flag on the context:and then use Init_ex as you did.
Since you didn't set this, your call to DecryptInit_ex failed, but you ignored the return code, and then called DecryptUpdate on an uninitialized context, which crashes. You should always check the return code from any OpenSSL routine that returns one.
However even when I set this flag, DecryptUpdate returns 0, I suspect because your data is not valid ciphertext for this algorithm (the keywrap algorithms include an integrity check), although I would expect it to put something in the errorstack and it doesn't. I will look more deeply at that if I have time.