操作系统:CentOS 7
OpenSSL Version:openssl-1.1.0c.tar.gz
OpenSSL下载地址为:https://www.openssl.org/source/
1、将下载的压缩包放在根目录/。
2、在文件夹下解压缩,执行如下命令:
tar -xzf openssl-1.1.0c.tar.gz
得到openssl-1.1.0c文件夹。
3、进入解压目录,执行如下命令:
cd openssl-1.1.0c
4、设定Openssl 安装路径,( --prefix )参数为欲安装之目录,执行如下命令:
./config --prefix=/usr/local/openssl
5、执行命令./config -t
6、执行make,编译Openssl,编译需要等待一定的时间。
7、执行make install,安装 Openssl,安装也需要一定的时间。
8、执行以下命令,查看openssl的依赖关系。
[root@localhost openssl-1.1.0c]# cd /usr/local
[root@localhost local]# ldd /usr/local/openssl/bin/openssl
linux-vdso.so.1 => (0x00007ffcdb7dd000)
libssl.so.1.1 => not found
libcrypto.so.1.1 => not found
libdl.so.2 => /lib64/libdl.so.2 (0x00007f54ef8fd000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f54ef6e1000)
libc.so.6 => /lib64/libc.so.6 (0x00007f54ef31e000)
/lib64/ld-linux-x86-64.so.2 (0x00007f54efb16000)
9、查看openssl绝对路径和版本,执行如下命令。
[root@localhost local]# which openssl
/usr/bin/openssl
[root@localhost local]# openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
-lssl -lcryc 是包含里面的两个库:如下
/*
============================================================================
Name : helloAes.c
Author : fansen
Version :
Copyright : Your copyright notice
Description : Hello World in C, Ansi-style
============================================================================
*/
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#include "openssl/aes.h"
static void hexdump(
FILE *f,
const char *title,
const unsigned char *s,
int l)
{
int n = 0;
fprintf(f, "%s", title);
for (; n < l; ++n) {
if ((n % 16) == 0) {
fprintf(f, "\n%04x", n);
}
fprintf(f, " %02x", s[n]);
}
fprintf(f, "\n");
}
void RAND_pseudo_bytes(uint8_t *pRandNum, uint8_t u8Len)
{
int i;
srand(time(0));
for(i = 0; i < u8Len; i++)
*(pRandNum+i) = (rand()%255);
}
int main(void) {
//128bits key.
unsigned char rkey[16] = "zxcvbnmasdfghjkl";
//Internal key.
AES_KEY key;
//Testdata.
// [yasi] Make static content instead of random text
unsigned char plaintext[AES_BLOCK_SIZE * 4] =
{
'a', 'b', 'c', 'd', 'e', 'f', 'g', 'i', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'i',
'0', '1', '2', '3', '4', '5', '6', '7', '0', '1', '2', '3', '4', '5', '6', '7',
'a', 'b', 'c', 'd', 'e', 'f', 'g', 'i', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'i',
'0', '1', '2', '3', '4', '5', '6', '7', '0', '1', '2', '3', '4', '5', '6', 0x00
};
unsigned char ciphertext[AES_BLOCK_SIZE * 4];
unsigned char checktext[AES_BLOCK_SIZE * 4];
//Init vector.
unsigned char iv[AES_BLOCK_SIZE] = "1234567890123456";
//Save vector.
unsigned char saved_iv[AES_BLOCK_SIZE]= "1234567890123456";
int nr_of_bits = 0;
int nr_of_bytes = 0;
//Zeror buffer.
memset(ciphertext, 0, sizeof(ciphertext));
memset(checktext, 0, sizeof(checktext));
//Generate random
//RAND_pseudo_bytes(rkey, sizeof(rkey));
//RAND_pseudo_bytes(saved_iv, sizeof(saved_iv));
hexdump(stdout, "== rkey ==",
rkey,
sizeof(rkey));
hexdump(stdout, "== iv ==",
saved_iv,
sizeof(saved_iv));
printf("\n");
hexdump(stdout, "== plaintext ==",
plaintext,
sizeof(plaintext));
printf("\n");
//Entrypt
memcpy(iv, saved_iv, sizeof(iv));
nr_of_bits = 8 * sizeof(rkey);
AES_set_encrypt_key(rkey, nr_of_bits, &key);
nr_of_bytes = sizeof(plaintext);
AES_cbc_encrypt(plaintext,
ciphertext,
nr_of_bytes,
&key,
iv,
AES_ENCRYPT);
hexdump(stdout, "== ciphertext ==",
ciphertext,
sizeof(ciphertext));
printf("\n");
// [yasi] iv is changed in encryption
hexdump(stdout, "== iv changed ==",
iv,
sizeof(iv));
printf("\n");
//Decrypt
hexdump(stdout, "== saved_iv ==",
saved_iv,
sizeof(saved_iv));
//memcpy(iv, saved_iv, sizeof(iv)); // [yasi] without this line, decrypt will fail because iv is changed in encryption
nr_of_bits = 8 * sizeof(rkey);
AES_set_decrypt_key(rkey, nr_of_bits, &key);
nr_of_bytes = sizeof(ciphertext);
AES_cbc_encrypt(ciphertext,
checktext,
nr_of_bytes,
&key, iv,
AES_DECRYPT);
hexdump(stdout, "== checktext ==",
checktext,
sizeof(checktext));
printf("\n");
return 0;
return EXIT_SUCCESS;
}
文章来源:http://blog.csdn.net/chengqiuming/article/details/70139714