I'm learning how to use openssl and learn more about it.
I wrote a very short line of codes which AES encrypts plaintext and display the output as ciphered text. I had no idea how to display its encrypted plaintext.
#include <openssl/evp.h> #include <openssl/rand.h> #include <openssl/err.h> #include <stdint.h> int main() { unsigned char *buf; int num; int rn = RAND_bytes(buf, num); //if(rn != 1) //{ // ERR_print_errors(bp); //} if(rn == 1) { EVP_CIPHER_CTX *ctx; const EVP_CIPHER *type = EVP_aes_128_cbc(); const unsigned char *iv; unsigned char *out; int *outl; unsigned char *in; int inl; iv = buf; // Random numbers from RAND_bytes const unsigned char *key = (const unsigned char *) "\x00\x01\x02\x03\x04\x05\x06\x07" "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f" "\x10\x11\x12\x13\x14\x15\x16\x17" "\x18\x19\x1a\x1b\x1c\x1d\x1e\x1f"; in = "password"; // Plaintext to be decrypted ctx = EVP_CIPHER_CTX_new(); // Alocate ctx variable EVP_EncryptInit(ctx, type, key, iv); EVP_EncryptUpdate(ctx, out, outl, in, inl); EVP_EncryptFinal(ctx, out, outl); const char *ciphertext = out; uintptr_t ciphertext_len = (uintptr_t)outl; // Convert pointer type variable to non-pointer type variable // Bio dump BIO_dump_fp(stdout, out, ciphertext_len); // Clean up EVP_CIPHER_CTX_free(ctx); } } I read openssl documentation and from what I've understand 'BIO_dump_fp' function were used to print out hexadecimal values.
bufandnumare both uninitialized. IfRAND_bytescallsmalloc(), that only updates its local variable, not the caller's variable. See stackoverflow.com/questions/13431108/…EVP_Decrypt*functions.outis also uninitialized.