openssl is acting open to any size key

Posted 2019-02-27 22:33

How does openssl work with a key, as it is taking any size of key (1 byte to any size)? What is the procedure to get to the actual key here?

openssl enc -d -des-ecb -in cipher.txt -out text.out -K '530343412312345445123345677812345678812324' 

2 answers
Evening l夕情丶
#2 · 2019-02-27 22:38

My observation of the case gave the following conclusions:

  1. It takes hex value
  2. If the size is less than 8 bytes it pads with 0
  3. It takes first 8 bytes as key
Lonely孤独者°
#3 · 2019-02-27 22:59

how does openssl works with key ... What is the procedure...

It depends on the program, but procedures are usually consistent across the library. In your example, you are using the openssl dec, so you are using the dec sub-program. The source code is available in <openssl dir>/apps/enc.c (enc and dec are part of enc.c).

Here are the relevant parts:

unsigned char key[EVP_MAX_KEY_LENGTH],iv[EVP_MAX_IV_LENGTH];
unsigned char salt[PKCS5_SALT_LEN];
...
char *hkey=NULL,*hiv=NULL,*hsalt = NULL;

The argument to -K is stored in hkey:

else if (strcmp(*argv,"-K") == 0)
{
    if (--argc < 1) goto bad;
    hkey= *(++argv);
}

Then, around line 580:

if ((hkey != NULL) && !set_hex(hkey,key,sizeof key))
{
    /* Handle failure */
}

set_hex is shown below and hex decodes the argument passed in through -K. It back fills the unused length with 0's via the memset. The unused length is EVP_MAX_KEY_LENGTH minus the length of the -K argument (after hex decoding).

Finally, around line 610:

if (!EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, enc))
{
    /* Handle failure */
}

Note: -k (small k) takes a different code path and uses EVP_BytesToKey to derive the key.


int set_hex(char *in, unsigned char *out, int size)
{
    int i,n;
    unsigned char j;

    n=strlen(in);
    if (n > (size*2))
    {
        BIO_printf(bio_err,"hex string is too long\n");
        return(0);
    }
    memset(out,0,size);
    for (i=0; i<n; i++)
    {
        j=(unsigned char)*in;
        *(in++)='\0';
        if (j == 0) break;
        if ((j >= '0') && (j <= '9'))
            j-='0';
        else if ((j >= 'A') && (j <= 'F'))
            j=j-'A'+10;
        else if ((j >= 'a') && (j <= 'f'))
            j=j-'a'+10;
        else
        {
            BIO_printf(bio_err,"non-hex digit\n");
            return(0);
        }
        if (i&1)
            out[i/2]|=j;
        else
            out[i/2]=(j<<4);
    }
    return(1);
}
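
The behaviour both answers describe, as an added example that is not part of either answer and is not OpenSSL code: it decodes a -K style hex string the way set_hex does, returns the bytes a cipher with an 8-byte key (des-ecb) would end up using, and flags whether the input was zero-padded or truncated so a wrapper script can reject a mis-sized key. The names effective_key, key_fit and MAX_KEY_LEN are hypothetical; MAX_KEY_LEN = 64 is an assumed stand-in for EVP_MAX_KEY_LENGTH.

```c
#include <stdio.h>
#include <string.h>

#define MAX_KEY_LEN 64   /* assumed stand-in for EVP_MAX_KEY_LENGTH */
#define DES_KEY_LEN 8    /* DES key size in bytes */

enum key_fit { KEY_INVALID = -1, KEY_EXACT, KEY_PADDED, KEY_TRUNCATED };

static int nibble(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Hex-decode into a zeroed MAX_KEY_LEN buffer (as set_hex does), copy the
 * first key_len bytes to out, and report how the input fitted the cipher. */
enum key_fit effective_key(const char *hex, size_t key_len, unsigned char *out)
{
    unsigned char buf[MAX_KEY_LEN] = {0};
    size_t i, n = strlen(hex);

    if (key_len > MAX_KEY_LEN || n > 2 * MAX_KEY_LEN) return KEY_INVALID;
    for (i = 0; i < n; i++) {
        int v = nibble(hex[i]);
        if (v < 0) return KEY_INVALID;
        if (i & 1) buf[i / 2] |= (unsigned char)v;   /* low nibble */
        else buf[i / 2] = (unsigned char)(v << 4);   /* high nibble */
    }
    memcpy(out, buf, key_len);
    if (n == 2 * key_len) return KEY_EXACT;
    return n < 2 * key_len ? KEY_PADDED : KEY_TRUNCATED;
}

int main(void)
{
    /* The -K value from the question: 42 hex digits = 21 bytes. */
    const char *k = "530343412312345445123345677812345678812324";
    unsigned char key[DES_KEY_LEN];
    enum key_fit fit = effective_key(k, DES_KEY_LEN, key);
    size_t i;

    for (i = 0; i < sizeof key; i++) printf("%02x", key[i]);
    printf(" fit=%d\n", fit);
    return fit == KEY_EXACT ? 0 : 1;   /* non-zero exit: key was not exact */
}
```

For the key in the question only the first 8 bytes are used and the remaining 13 bytes are silently ignored, so many different -K strings map to the same DES key.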