AES 的 EVP_CIPHER_CTX_set_padding 的padding设置

最新推荐文章于 2025-06-20 13:52:41 发布

原创最新推荐文章于 2025-06-20 13:52:41 发布 · 9.7k 阅读

11 ·

CC 4.0 BY-SA版权

openssl 专栏收录该内容

1 篇文章

订阅专栏

该博客探讨了AES对称加密中EVP_CIPHER_CTX_set_padding函数的作用，指出默认填充方式为EVP_PADDING_PKCS7。如果不设置或设置为0，对于不足128位的数据块会引发错误。尽管可以设置为ISO7816_4、ANSI923、ISO10126，但对AES加密的影响与PKCS7相同。作者提供了相关文档链接和在线加密工具以供参考。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

函数全称：

int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *c, int pad);

可以设置在加密数据时对不够长的数据进行填充的方式，pad可以设置为以下几个

//in file openssl/evp.h
#define EVP_PADDING_PKCS7       1
#define EVP_PADDING_ISO7816_4   2
#define EVP_PADDING_ANSI923     3
#define EVP_PADDING_ISO10126    4
#define EVP_PADDING_ZERO        5

在AES对称加密中，不写这个函数，默认是有padding的，应该是EVP_PADDING_PKCS7。如果设置为0，若你的数据的一个分组（一般时最后一个分组）不够AES数据块长度128bits时，就会报错。

最最重要的是，就算设置为ISO7816_4、ANSI923、ISO10126三种，对AES加密来说，结果和设置为PKCS7是一样的，原因还未知，可以看下面的例子，修改 EVP_CIPHER_CTX_set_padding的pad参数看看。

先附一个链接，讲了这个函数的作用。https://github.com/openssl/openssl/blob/67c81ec311d696464bdbf4c6d6f8a887a3ddf9f8/doc/man3/EVP_EncryptInit.pod

http://tool.chacuo.net/cryptaes 这个网址实现在线AES加密，将结果和下面这个比对

windows 10，VS2019，openssl1.1.1c

#define  _CRT_SECURE_NO_WARNINGS

#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <string.h>

#ifdef __cplusplus
#include <openssl/applink.c>
#endif // __cplusplus


void handleErrors(void);
int encrypt(unsigned char* plaintext, int plaintext_len, unsigned char* key,
	unsigned char* iv, unsigned char* ciphertext);
int decrypt(unsigned char* ciphertext, int ciphertext_len, unsigned char* key,
	unsigned char* iv, unsigned char* plaintext);

int main(void)
{
	/*
	 * Set up the key and iv. Do I need to say to not hard code these in a
	 * real application? :-)
	 */

	 /* A 256 bit key */
	unsigned char* key = (unsigned char*)"01234567890123456789012345678901";

	/* A 128 bit IV */
	unsigned char* iv = (unsigned char*)"0123456789012345";

	/* Message to be encrypted */
	unsigned char* plaintext =
		(unsigned char*)"he quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog The quick brown fox jumps over the lazy dog123456789";

	/*
	 * Buffer for ciphertext. Ensure the buffer is long enough for the
	 * ciphertext which may be longer than the plaintext, depending on the
	 * algorithm and mode.
	 */
	unsigned char ciphertext[128*8];

	/* Buffer for the decrypted text */
	unsigned char decryptedtext[128 * 8];
	memset(decryptedtext,'v',128 * 8);


	int decryptedtext_len, ciphertext_len;

	/* Encrypt the plaintext */
	ciphertext_len = encrypt(plaintext, strlen((char*)plaintext), key, iv,
		ciphertext);

	/* Do something useful with the ciphertext here */
	printf("Ciphertext is:\n");
	BIO_dump_fp(stdout, (const char*)ciphertext, ciphertext_len);

	/* Decrypt the ciphertext */
	decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, iv,
		decryptedtext);

	/* Add a NULL terminator. We are expecting printable text */
	decryptedtext[decryptedtext_len] = '\0';

	/* Show the decrypted text */
	printf("Decrypted text is:\n");
	printf("%s\n", decryptedtext);


	return 0;
}


void handleErrors(void)
{
	ERR_print_errors_fp(stderr);
	abort();
}

int encrypt(unsigned char* plaintext, int plaintext_len, unsigned char* key,
	unsigned char* iv, unsigned char* ciphertext)
{
	EVP_CIPHER_CTX* ctx;

	int len;

	int ciphertext_len;

	/* Create and initialise the context */
	if (!(ctx = EVP_CIPHER_CTX_new()))
		handleErrors();


	/*
	 * Initialise the encryption operation. IMPORTANT - ensure you use a key
	 * and IV size appropriate for your cipher
	 * In this example we are using 256 bit AES (i.e. a 256 bit key). The
	 * IV size for *most* modes is the same as the block size. For AES this
	 * is 128 bits
	 */
	if (1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
		handleErrors();

	


	/*
	 * Provide the message to be encrypted, and obtain the encrypted output.
	 * EVP_EncryptUpdate can be called multiple times if necessary
	 */
	if (1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
		handleErrors();
	ciphertext_len = len;

	/*
	 *
	 *
	 */
	EVP_CIPHER_CTX_set_padding(ctx, EVP_PADDING_ZERO);

	/*
	 * Finalise the encryption. Further ciphertext bytes may be written at
	 * this stage.
	 */
	if (1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len))
		handleErrors();
	ciphertext_len += len;

	/* Clean up */
	EVP_CIPHER_CTX_free(ctx);

	return ciphertext_len;
}


int decrypt(unsigned char* ciphertext, int ciphertext_len, unsigned char* key,
	unsigned char* iv, unsigned char* plaintext)
{
	EVP_CIPHER_CTX* ctx;

	int len;

	int plaintext_len;

	/* Create and initialise the context */
	if (!(ctx = EVP_CIPHER_CTX_new()))
		handleErrors();

	/*
	 * Initialise the decryption operation. IMPORTANT - ensure you use a key
	 * and IV size appropriate for your cipher
	 * In this example we are using 256 bit AES (i.e. a 256 bit key). The
	 * IV size for *most* modes is the same as the block size. For AES this
	 * is 128 bits
	 */
	if (1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
		handleErrors();

	/*
	 *
	 *
	 */
	EVP_CIPHER_CTX_set_padding(ctx, EVP_PADDING_ZERO);

	/*
	 * Provide the message to be decrypted, and obtain the plaintext output.
	 * EVP_DecryptUpdate can be called multiple times if necessary.
	 */
	if (1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
		handleErrors();
	plaintext_len = len;

	/*
	 * Finalise the decryption. Further plaintext bytes may be written at
	 * this stage.
	 */
	if (1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len))
		handleErrors();
	plaintext_len += len;

	/* Clean up */
	EVP_CIPHER_CTX_free(ctx);

	return plaintext_len;
}