Advanced Search

AES encryption/decryption demo program using OpenSSL EVP apis

/ Published in: C++
Save to your folder(s)
See also [cryptopp](http://www.cryptopp.com/)

Expand | Embed | Plain Text

Copy this code and paste it in your HTML 
  1. /**
  2.   AES encryption/decryption demo program using OpenSSL EVP apis
  3.   gcc -Wall openssl_aes.c -lcrypto
  4.   this is public domain code. 
  5.   Saju Pillai ([email protected])
  6. **/
  7.  
  8. #include <string.h>
  9. #include <stdio.h>
  10. #include <stdlib.h>
  11. #include <openssl/evp.h>
  12.  
  13. /**
  14.  * Create an 256 bit key and IV using the supplied key_data. salt can be added for taste.
  15.  * Fills in the encryption and decryption ctx objects and returns 0 on success
  16.  **/
  17. int aes_init(unsigned char *key_data, int key_data_len, unsigned char *salt, EVP_CIPHER_CTX *e_ctx, 
  18.              EVP_CIPHER_CTX *d_ctx)
  19. {
  20.   int i, nrounds = 5;
  21.   unsigned char key[32], iv[32];
  22.  
  23.   /*
  24.    * Gen key & IV for AES 256 CBC mode. A SHA1 digest is used to hash the supplied key material.
  25.    * nrounds is the number of times the we hash the material. More rounds are more secure but
  26.    * slower.
  27.    */
  28.   i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt, key_data, key_data_len, nrounds, key, iv);
  29.   if (i != 32) {
  30.     printf("Key size is %d bits - should be 256 bits\n", i);
  31.     return -1;
  32.   }
  33.  
  34.   EVP_CIPHER_CTX_init(e_ctx);
  35.   EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv);
  36.   EVP_CIPHER_CTX_init(d_ctx);
  37.   EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv);
  38.  
  39.   return 0;
  40. }
  41.  
  42. /*
  43.  * Encrypt *len bytes of data
  44.  * All data going in & out is considered binary (unsigned char[])
  45.  */
  46. unsigned char *aes_encrypt(EVP_CIPHER_CTX *e, unsigned char *plaintext, int *len)
  47. {
  48.   /* max ciphertext len for a n bytes of plaintext is n + AES_BLOCK_SIZE -1 bytes */
  49.   int c_len = *len + AES_BLOCK_SIZE, f_len = 0;
  50.   unsigned char *ciphertext = malloc(c_len);
  51.  
  52.   /* allows reusing of 'e' for multiple encryption cycles */
  53.   EVP_EncryptInit_ex(e, NULL, NULL, NULL, NULL);
  54.  
  55.   /* update ciphertext, c_len is filled with the length of ciphertext generated,
  56.     *len is the size of plaintext in bytes */
  57.   EVP_EncryptUpdate(e, ciphertext, &c_len, plaintext, *len);
  58.  
  59.   /* update ciphertext with the final remaining bytes */
  60.   EVP_EncryptFinal_ex(e, ciphertext+c_len, &f_len);
  61.  
  62.   *len = c_len + f_len;
  63.   return ciphertext;
  64. }
  65.  
  66. /*
  67.  * Decrypt *len bytes of ciphertext
  68.  */
  69. unsigned char *aes_decrypt(EVP_CIPHER_CTX *e, unsigned char *ciphertext, int *len)
  70. {
  71.   /* plaintext will always be equal to or lesser than length of ciphertext*/
  72.   int p_len = *len, f_len = 0;
  73.   unsigned char *plaintext = malloc(p_len);
  74.  
  75.   EVP_DecryptInit_ex(e, NULL, NULL, NULL, NULL);
  76.   EVP_DecryptUpdate(e, plaintext, &p_len, ciphertext, *len);
  77.   EVP_DecryptFinal_ex(e, plaintext+p_len, &f_len);
  78.  
  79.   *len = p_len + f_len;
  80.   return plaintext;
  81. }
  82.  
  83. int main(int argc, char **argv)
  84. {
  85.   /* "opaque" encryption, decryption ctx structures that libcrypto uses to record
  86.      status of enc/dec operations */
  87.   EVP_CIPHER_CTX en, de;
  88.  
  89.   /* 8 bytes to salt the key_data during key generation. This is an example of
  90.      compiled in salt. We just read the bit pattern created by these two 4 byte 
  91.      integers on the stack as 64 bits of contigous salt material - 
  92.      ofcourse this only works if sizeof(int) >= 4 */
  93.   unsigned int salt[] = {12345, 54321};
  94.   unsigned char *key_data;
  95.   int key_data_len, i;
  96.   char *input[] = {"a", "abcd", "this is a test", "this is a bigger test", 
  97.                    "\nWho are you ?\nI am the 'Doctor'.\n'Doctor' who ?\nPrecisely!",
  98.                    NULL};
  99.  
  100.   /* the key_data is read from the argument list */
  101.   key_data = (unsigned char *)argv[1];
  102.   key_data_len = strlen(argv[1]);
  103.  
  104.   /* gen key and iv. init the cipher ctx object */
  105.   if (aes_init(key_data, key_data_len, (unsigned char *)&salt, &en, &de)) {
  106.     printf("Couldn't initialize AES cipher\n");
  107.     return -1;
  108.   }
  109.  
  110.   /* encrypt and decrypt each input string and compare with the original */
  111.   for (i = 0; input[i]; i++) {
  112.     char *plaintext;
  113.     unsigned char *ciphertext;
  114.     int olen, len;
  115.  
  116.     /* The enc/dec functions deal with binary data and not C strings. strlen() will 
  117.        return length of the string without counting the '\0' string marker. We always
  118.        pass in the marker byte to the encrypt/decrypt functions so that after decryption 
  119.        we end up with a legal C string */
  120.     olen = len = strlen(input[i])+1;
  121.  
  122.     ciphertext = aes_encrypt(&en, (unsigned char *)input[i], &len);
  123.     plaintext = (char *)aes_decrypt(&de, ciphertext, &len);
  124.  
  125.     if (strncmp(plaintext, input[i], olen)) 
  126.       printf("FAIL: enc/dec failed for \"%s\"\n", input[i]);
  127.     else 
  128.       printf("OK: enc/dec ok for \"%s\"\n", plaintext);
  129.  
  130.     free(ciphertext);
  131.     free(plaintext);
  132.   }
  133.  
  134.   EVP_CIPHER_CTX_cleanup(&en);
  135.   EVP_CIPHER_CTX_cleanup(&de);
  136.  
  137.   return 0;
  138. }

URL: https://github.com/saju/misc/blob/master/misc/openssl_aes.c?p=36

Report this snippet


Comments

RSS Icon Subscribe to comments

You need to login to post a comment.