我们都知道mbedtls库是一个非常轻量级的c库。我想使用该库来加密字符串。所以我有一个像这样的功能:

aes_encrypt.h:

#ifndef AES_ENCRYPT_H
#define AES_ENCRYPT_H

#define BOOL int
#define TRUE 1
#define FALSE 0

extern const unsigned char key[16];

BOOL ENC_STR(unsigned char *plain, size_t plain_len,
             unsigned char *cipher, size_t *cipher_len);
#endif


和实现:

const unsigned char KEY[16] = { 0x00, 0x01, 0x02, 0x03,
                                0x04, 0x05, 0x06, 0x07,
                                0x08, 0x09, 0x0A, 0x0B,
                                0x0C, 0x0D, 0x0F, 0xA0 };

BOOL ENC_STR(unsigned char *plain, size_t plain_len, unsigned char *cipher, size_t *cipher_len)
{
BOOL ret = FALSE;

// Prepare the cipher context
const mbedtls_cipher_info_t *cipher_info;
mbedtls_cipher_context_t cipher_ctx;
mbedtls_cipher_init(&cipher_ctx);

if ((cipher_info = mbedtls_cipher_info_from_type(AES_PARM)) == NULL)
{
    printf("Cipher Info ERR!\n");
    ret = -1;
    goto EXIT;
}

if ( (ret = mbedtls_cipher_setup(&cipher_ctx, cipher_info)) != 0)
{
    printf("Cipher Setup ERR!\n");
    goto EXIT;
}

if ( (ret = mbedtls_cipher_setkey(&cipher_ctx, KEY, cipher_info->key_bitlen, MBEDTLS_ENCRYPT)) != 0)
{
    printf("Cipher SetKey ERR!\n");
    goto EXIT;
}

// if ( (ret = mbedtls_cipher_set_padding_mode(&cipher_ctx, 1)) != 0) {
//     printf("Cipher SetPadding ERR!\n");
//     goto EXIT;
// }


if ( (ret = mbedtls_cipher_reset(&cipher_ctx)) != 0)
{
    printf("Cipher Reset ERR!\n");
    goto EXIT;
}

// encrypt
if ((ret = mbedtls_cipher_update(&cipher_ctx, plain, plain_len, cipher, cipher_len)) != 0) {
    printf("Cipher Update ERR!\n");
    goto EXIT;
}

EXIT:
    if (ret != TRUE) {
        char buf[1024] = {0};
        mbedtls_strerror(ret, buf, 1024);
        printf("Error Msg:\t%s\n", buf);
    }

    mbedtls_cipher_free(&cipher_ctx);
    return ret;
}


我像下面这样调用函数:

unsigned char *plain = (unsigned char*)"hello world";
size_t plain_len = 12;
unsigned char cipher[128] = {0};
size_t cipher_len = -1;
printf("the encrypt result is:\t%d\n", ENC_STR(plain, plain_len, cipher, &cipher_len));


我得到如下错误信息:

CIPHER - Decryption of block requires a full block


谁能帮助我并解释错误消息的含义是什么?谢谢。

最佳答案

说明:


  CIPHER-块解密需要完整的块
  谁能帮助我并解释错误消息的含义是什么?


AES是block cipher,表示它当时用于加密128位块。不多不少。

因此,如果源数据短于单个块,则需要使用一些padding以确保将数据延长到所需的长度。

通常,为了加密任何长度的数据,我们使用mode of operation。有些不需要任何填充(CTR,CFB,OFB等)

加密仍然远远不够安全-您将需要IV(盐)和authentication tag


  我们都知道mbedtls库是一个非常轻量级的c库


显然mbedtls已经支持多种操作模式,由您选择

关于c - 如何使用mbedtls以AES方式加密字符串?,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/47689591/

10-11 23:07
查看更多