示例 使用 AES-128-CBC加密算法

使用了pkcs5_encode padding 方式 pkcs7_encode也是兼容的

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/aes.h>
#include <openssl/rand.h>

// a simple hex-print routine. could be modified to print 16 bytes-per-line
static void hex_print(const void* pv, size_t len)
{
    const unsigned char * p = (const unsigned char*)pv;
    if (NULL == pv)
        printf("NULL");
    else
    {
        size_t i = 0;
        for (; i<len;++i)
            printf("%02X ", *p++);
    }
    printf("\n");
}


void pkcs7_encode(uint8_t *in, uint8_t *out, int inlen, int *outlen, const int enc)
{
    // uint8_t padchr[16] = {0x10, 0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08, 0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01};
    if(inlen <=0) return;
    // 添加padding
    if (enc == AES_ENCRYPT) {
        *outlen = inlen + 16 - inlen % 16;
        for (int i = 0; i < *outlen; i++)
        {
            if (i < inlen)
                out[i] = in[i];
            else
                out[i] = 16 - inlen % 16;
        }
    }
    // 删除padding
    else if (enc == AES_DECRYPT) {
        *outlen = inlen - (in[inlen-1]);
        for (int i=0; i< *outlen; i++) {
            out[i] = in[i];
        }
    }
}



int main(int argc, char **argv)
{
    int keylength;
    printf("Give a key length [only 128 or 192 or 256!]:\n");
    scanf("%d", &keylength);

    /* generate a key with a given length */

    unsigned char aes_key[16] = {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0a,0x0b,0x0c,0x0d,0x0e,0x0f};


    size_t inputslength = 0;
    printf("Give an input's length:\n");
    scanf("%lu", &inputslength);

    /* generate input with a given length */
    unsigned char * aes_input = malloc(inputslength);
    unsigned char * aes_out = malloc(inputslength);

    memset(aes_input, 'X', inputslength);

    /* init vector */
    unsigned char iv_enc[AES_BLOCK_SIZE] = {0}, iv_dec[AES_BLOCK_SIZE]={0};

    const size_t encslength = ((inputslength + AES_BLOCK_SIZE) / AES_BLOCK_SIZE) * AES_BLOCK_SIZE;
    unsigned char * enc_in = malloc(encslength);
    pkcs7_encode(aes_input, enc_in, inputslength, &encslength, AES_ENCRYPT);
    unsigned char * enc_out = malloc(encslength);
    AES_KEY enc_key;
    AES_set_encrypt_key(aes_key, keylength, &enc_key);
    AES_cbc_encrypt(enc_in, enc_out, encslength, &enc_key, iv_enc, AES_ENCRYPT);

    printf("original:\t");
    hex_print(aes_input, inputslength);

    printf("padding:\t");
    hex_print(enc_in, encslength);

    printf("encrypt:\t");
    hex_print(enc_out, encslength);


    unsigned char * dec_out = malloc(encslength);
    AES_KEY dec_key;
    AES_set_decrypt_key(aes_key, keylength, &dec_key);
    AES_cbc_encrypt(enc_out, dec_out, encslength, &dec_key, iv_dec, AES_DECRYPT);
    pkcs7_encode(dec_out, aes_out, encslength, &inputslength, AES_DECRYPT);

    printf("decrypt:\t");
    hex_print(dec_out, encslength);

    printf("depadding:\t");
    hex_print(aes_out, inputslength);

    int8_t buff[100];
    long bufflen;
    
    return 0;
}