我正在使用此函数使用 openssl AES 256 CBC 加密数据:
int encryptAES(unsigned char *plaintext, int plaintext_len, unsigned char *key,
unsigned char *iv, unsigned char *ciphertext)
{
EVP_CIPHER_CTX *ctx;
int len;
int ciphertext_len;
/* Create and initialise the context */
if(!(ctx = EVP_CIPHER_CTX_new())) return handleErrors();
/* Initialise the encryption operation. IMPORTANT - ensure you use a key
* and IV size appropriate for your cipher
* In this example we are using 256 bit AES (i.e. a 256 bit key). The
* IV size for *most* modes is the same as the block size. For AES this
* is 128 bits */
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), NULL, key, iv))
return handleErrors();
/* Provide the message to be encrypted, and obtain the encrypted output.
* EVP_EncryptUpdate can be called multiple times if necessary
*/
if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
return handleErrors();
ciphertext_len = len;
/* Finalise the encryption. Further ciphertext bytes may be written at
* this stage.
*/
if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) return handleErrors();
ciphertext_len += len;
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
return ciphertext_len;
}
我想为这个函数提供一个固定大小的缓冲区ciphertext
,如何计算加密消息的最大可能长度(ciphertext
)
谢谢。
最佳答案
假设 PKCS#7 填充,这是 OpenSSL ECB 和 CBC 模式的默认值,加密长度将为:
plaintext_len + block_size - (plaintext_len % block_size)
在哪里
block_size = 16
用于 AES。最终结果始终是 block_size
的倍数。
关于计算 AES 加密消息的最大长度,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/44355901/