我找不到像EVP_CIPHER_freein那样的任何方法openssl/evp.h。我不需要释放 EVP_CIPHERs 吗?
问问题
666 次
2 回答
4
不,你没有。init 函数EVP_CipherInit_ex实际上是在 EVP_CIPHER_CTX object 中初始化变量ectx,您将其作为第一个参数传递。完成后记得打电话EVP_CIPHER_CTX_cleanup(&ectx)。
于 2014-04-18T01:55:24.977 回答
1
您可以在此页面底部清楚地看到它
EVP_CIPHER *cipher = NULL;
/* some stuff */
EVP_CIPHER_free(cipher);
完整代码:
int encrypt(const unsigned char *key, const unsigned char *iv,
const unsigned char *msg, size_t msg_len, unsigned char *out)
{
/*
* This assumes that key size is 32 bytes and the iv is 16 bytes.
* For ciphertext stealing mode the length of the ciphertext "out" will be
* the same size as the plaintext size "msg_len".
* The "msg_len" can be any size >= 16.
*/
int ret = 0, encrypt = 1, outlen, len;
EVP_CIPHER_CTX *ctx = NULL;
EVP_CIPHER *cipher = NULL;
OSSL_PARAM params[2];
ctx = EVP_CIPHER_CTX_new();
cipher = EVP_CIPHER_fetch(NULL, "AES-256-CBC-CTS", NULL);
if (ctx == NULL || cipher == NULL)
goto err;
/*
* The default is "CS1" so this is not really needed,
* but would be needed to set either "CS2" or "CS3".
*/
params[0] = OSSL_PARAM_construct_utf8_string(OSSL_CIPHER_PARAM_CTS_MODE,
"CS1", 0);
params[1] = OSSL_PARAM_construct_end();
if (!EVP_CipherInit_ex2(ctx, cipher, key, iv, encrypt, params))
goto err;
/* NOTE: CTS mode does not support multiple calls to EVP_CipherUpdate() */
if (!EVP_CipherUpdate(ctx, encrypted, &outlen, msg, msglen))
goto err;
if (!EVP_CipherFinal_ex(ctx, encrypted + outlen, &len))
goto err;
ret = 1;
err:
EVP_CIPHER_free(cipher);
EVP_CIPHER_CTX_free(ctx);
return ret;
}
于 2021-08-08T10:26:32.747 回答