OpenSSL C Cryptopals Challenge7

Posted 2023-02-06

我一直在尝试学习OpenSSL C API。我找到了有趣的cryptopals挑战页面，并想尝试一些简单的挑战。我接受了挑战7，AES ECB：https://cryptopals.com/sets/1/challenges/7

阅读OpenSSL文档后，我想进行一些编码。我从OpenSSL Wiki页面复制了下面粘贴的大多数代码。但是不知何故我无法完成这项工作。我尝试通过Google搜索错误，发现人们在Python中轻松解决了这一难题，但对于C却一无所获。

输入文件在Base64中用换行符编码。所以首先我要做的是删除换行符。我是用tr工具手动完成的，而不是以编程方式完成的。

tr -d '\n' < cipertext > ciphertext.no_newlines
接下来我也将其手动解码：

base64 -d ciphertext.no_newlines > ciphertext.no_newlines_decoded
接下来我从该OpenSSL网页https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption中复制了几乎所有内容：

加密和解密功能是文档中的准确副本。我只修改了主要功能。我还从某处复制了readFile函数（测试它是否可以正常运行）。

我这样编译：

gcc -I /opt/openssl/include challenge7.c /opt/openssl/lib/libcrypto.a -lpthread -ldl -o challenge7 
但是我收到此错误：

140095710082880:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:crypto/evp/evp_enc.c:570:
[1]    24550 abort (core dumped)  ./challenge7
我搜索了此错误，发现它可能与OpenSSL版本之间的不兼容性有关，即用于加密文件的版本与我在计算机上的版本之间的不兼容性。真的是这个原因吗？如果是这样，那么这是有史以来最糟糕的库，我无法使用相同的算法解密库版本不同的文件。我不敢相信。我听说OpenSSL糟糕透顶，但不知何故，这就是导致此错误的原因。

有人可以帮我发现我在这里做错了什么吗？整个代码如下：

#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>

char* readFile(char* filename, int* size) 

    char* source = NULL;

    FILE *fp = fopen(filename, "r");
    if (fp != NULL) 
        if (fseek(fp, 0L, SEEK_END) == 0) 
            long bufsize = ftell(fp);
            if (bufsize == -1) 
                fputs("ftell error", stderr);
             else 
                source = malloc(sizeof(char) * (bufsize + 1));
                if (fseek(fp, 0L, SEEK_SET) != 0)  
                    fputs("fseek error", stderr);
                

                size_t nl = fread(source, sizeof(char), bufsize, fp);
                if (ferror(fp) != 0) 
                    fputs("Error reading file", stderr);
                 else 
                    source[nl] = '\0';
                    *size = nl;
                
            
        
        fclose(fp);
    
    return source;


void handleErrors(void)

    ERR_print_errors_fp(stderr);
    abort();


int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key,
            unsigned char *iv, unsigned char *ciphertext)

    EVP_CIPHER_CTX *ctx;

    int len;

    int ciphertext_len;

    /* Create and initialise the context */
    if(!(ctx = EVP_CIPHER_CTX_new()))
        handleErrors();

    /*
     * Initialise the encryption operation. IMPORTANT - ensure you use a key
     * and IV size appropriate for your cipher
     * In this example we are using 256 bit AES (i.e. a 256 bit key). The
     * IV size for *most* modes is the same as the block size. For AES this
     * is 128 bits
     */
    if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
        handleErrors();

    /*
     * Provide the message to be encrypted, and obtain the encrypted output.
     * EVP_EncryptUpdate can be called multiple times if necessary
     */
    if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
        handleErrors();
    ciphertext_len = len;

    /*
     * Finalise the encryption. Further ciphertext bytes may be written at
     * this stage.
     */
    if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
        handleErrors();
    ciphertext_len += len;

    /* Clean up */
    EVP_CIPHER_CTX_free(ctx);

    return ciphertext_len;


int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key,
            unsigned char *iv, unsigned char *plaintext)

    EVP_CIPHER_CTX *ctx;

    int len;

    int plaintext_len;

    /* Create and initialise the context */
    if(!(ctx = EVP_CIPHER_CTX_new()))
        handleErrors();

    /*
     * Initialise the decryption operation. IMPORTANT - ensure you use a key
     * and IV size appropriate for your cipher
     * In this example we are using 256 bit AES (i.e. a 256 bit key). The
     * IV size for *most* modes is the same as the block size. For AES this
     * is 128 bits
     */
    if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
        handleErrors();

    /*
     * Provide the message to be decrypted, and obtain the plaintext output.
     * EVP_DecryptUpdate can be called multiple times if necessary.
     */
    if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
        handleErrors();
    plaintext_len = len;

    /*
     * Finalise the decryption. Further plaintext bytes may be written at
     * this stage.
     */
    if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
        handleErrors();
    plaintext_len += len;

    /* Clean up */
    EVP_CIPHER_CTX_free(ctx);

    return plaintext_len;


int main (void)

    unsigned char *key = (unsigned char *)"59454C4C4F57205355424D4152494E45";
    unsigned char *iv = NULL;

    int decryptedtext_len;
    int ciphertext_len;
    char* ciphertext = readFile("ciphertext.no_newlines_decoded", &ciphertext_len);

    unsigned char decryptedtext[10000];
    decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv, decryptedtext);
    decryptedtext[decryptedtext_len] = '\0';
    printf("Decrypted text is:\n");
    printf("%s\n", decryptedtext);

    return 0;

我一直在尝试学习OpenSSL C API。我找到了有趣的cryptopals挑战页面，并想尝试一些简单的挑战。我接受了挑战7，AES ECB：https：//cryptopals.com/sets/1 / ...

答案

可能（也是最可靠的原因是您使用的是[[AES-CBC]]密码，而不是建议的[[AES-ECB]]（EVP_DecryptInit_ex(ctx, **EVP_aes_256_cbc()**, NULL, key, iv)）。