c - 解密后的文件仍然是加密的

Question

我已经为此工作了几个小时，首先我想解释一下我正在尝试做什么；使用 OpenSSL 在 C 中加密/解密文件。问题似乎出在解密方法上。文档很少，我将其与引用书籍等拼凑在一起。

运行代码时，输​​出没有问题。当打开预期的解密文件时，它实际上仍然是加密的......

#include <stdio.h>
#include <stdlib.h>
#include <syslog.h>
#include <openssl/aes.h>
#include <openssl/bio.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <string.h>
#include <openssl/evp.h>
#include <sys/stat.h>
#include <errno.h>

/*=========================================================================|
Encryption Method below, This Will Take The File And Use The Keys And IV  
To Encrypt The Data/File. We Use Long Here Because Int Only Is Good For <2GB
Data Size And Will Get ERRORS If File Is Larger Than >= 2GB Which Is As Common
as gold-diggers. */

void encrypt_process()
{
    unsigned char key[] = "badidea";
    unsigned char vec[] = "again";

    FILE *Input_File;
    FILE *Output_file;
    Input_File =fopen("french.txt", "rb");
    Output_file = fopen("ult.txt", "wb");//File to be written; cipher text
    fseek(Input_File, 0, SEEK_END);
    unsigned long len = (unsigned long)ftell(Input_File); // use long as the file if >2GB will blow past int
    printf("length of the file is : %lu", len);

    unsigned long outLen1 = 0;
    unsigned long outLen2 = 0;
    unsigned char *indata = malloc(len);
    unsigned char *outdata = malloc(len);

    fread(indata,sizeof(char),len, Input_File);//Read Entire File

    /*-----------------------------------------------------------------*\
    <|||    Set Up Encryption As Defined in OPENSSH using their syntax etc.>>>
    *-----------------------------------------------------------------*/

    //initiating cipher
    EVP_CIPHER_CTX ctx;

    EVP_EncryptInit(&ctx,EVP_aes_128_cbc(),key,vec);
    EVP_EncryptUpdate(&ctx,outdata,&outLen1,indata,len);

    EVP_EncryptFinal(&ctx,outdata + outLen1,&outLen2);
    fwrite(outdata,sizeof(char),outLen1 + outLen2,Output_file);

    fclose(Input_File); // free all pointers and clean up
    fclose(Output_file);

    Input_File = NULL;
    printf("\n Encryption Process Complete");
}

/*=========================================================================|
Decryption Method below, This Will Take The File And Use The Keys And IV
To Decrypt The Data/File. We Use Long Here Because Int Only Is Good For <= 2GB
Data Size And Will Get ERRORS If File Is Larger Than 2GB Which Is As Common
as gold-diggers */

void decrypt_process()
{
    unsigned char key[] = "badidea";
    unsigned char vec[] = "again";

    FILE *Input_File;
    FILE *Output_file;
    Input_File =fopen("ult.txt", "rb");
    Output_file = fopen("claro.txt", "wb");
    fseek(Input_File, 0, SEEK_END);
    unsigned long len = (unsigned long)ftell(Input_File); // use long as the file if >2GB will blow past int
    printf("length of the file is : %lu", len); //xcode underlines this?

    unsigned long outLen1 = 0;
    unsigned long outLen2 = 0;
    unsigned char *indata = malloc(len);
    unsigned char *outdata = malloc(len);

    fread(indata,sizeof(char),len, Input_File);//Read Entire File

    /*-----------------------------------------------------------------*\
    <|||    Set Up Decryption As Defined in OPENSSH using their syntax etc.>>>
    *-----------------------------------------------------------------*/

    //initiating decrypt
    EVP_CIPHER_CTX ctx;

    EVP_DecryptInit(&ctx,EVP_aes_128_cbc(),key,vec);
    EVP_DecryptUpdate(&ctx,outdata,&outLen1,indata,len);
    EVP_DecryptFinal(&ctx,outdata + outLen1,&outLen2);
    fwrite(outdata,sizeof(char),outLen1 + outLen2,Output_file);

    fclose(Input_File); // free all pointers and clean up
    fclose(Output_file);
    Input_File = NULL;

    printf("\n Decryption Process Complete");
}

// main entry point
int main(int argc, const char * argv[])
{            
    char option[5]; //local buffer to get input
    printf("\n **********Welcome To Encryption And Decryption Services!");
    printf("****** \n Type e for ecryption or d for decryption (more options later) ");

    scanf("%s", option); // should use fgets

    if(strcmp(option, "e")== 0){
        printf("*********  Encryption Process Initiated \n What File Do You Want To Encrypt? Complete Path Needed");

        encrypt_process(); // our encryption method
    }
    else if(strcmp(option,"d")== 0){
        printf("*********  Decryption Process Initiated");
        decrypt_process();
    }
    return 0;
}

Answer 1

这里的第一个主要问题是您没有进行任何错误检查。因此，当出现问题时，您无从得知。

所有 I/O 例程(fopen、fread、fwrite、fseek)均应检查错误使用perror打印错误代码。

同样，所有 OpenSSL 函数也应该检查错误。 ERR_error_string 和 ERR_get_error 函数会告诉您错误是什么。您需要在程序开始时调用 ERR_load_crypto_strings 来加载错误字符串。

话虽如此，有两件事导致了您的问题。

首先，当您从输入文件中读取数据时(在加密和解密例程中)，您已经位于文件末尾，因此您不会读取任何内容。读取之前需要将文件指针重置到文件开头。

    fseek(Input_File, 0, SEEK_SET);
    fread(indata,sizeof(char),len, Input_File);//Read Entire File

另一个问题是 key 和 IV 的大小:

    unsigned char key[] = "badidea";
    unsigned char vec[] = "again";

由于没有为这些数组给出明确的大小，因此它们的初始值设定项一样大，在本例中分别为 8 和 6 个字节(字符串中的每个字符一个，加上 nul 终止字节一个)。 AES-128 需要 32 个字节的 key 和 16 个字节的 IV。由于这些数组不够大，加密/解密例程会读取这些数组的末尾，从而导致 undefined behavior .

给这些数组一个明确的大小:

    unsigned char key[32] = "badidea";
    unsigned char vec[16] = "again";

由于每个变量都有一个初始值设定项，因此任何未显式初始化的剩余字节都将设置为 0。