AES-256 Encryption with OpenSSL library using ECB mode of operation
The function takes 5 arguments, pass NULL for the iv parameter.
if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key, NULL))
From the docs:
int EVP_EncryptInit_ex( EVP_CIPHER_CTX *ctx,
const EVP_CIPHER *type,
ENGINE *impl,
unsigned char *key,
unsigned char *iv);
As the old Jedi Master, @zaph, calmly instructs @akfe79 to “Trust the Error Messages".
akfe79
Updated on June 07, 2022Comments
-
akfe79 almost 2 years
I am trying to create an example of AES Encryption with the OpenSSL library using the ECB mode. It has been hard to find any documentation especially on ECB so I took an example of code using the CBC mode and tried to modify it for ECB. I got rid of things not included in ECB such as the initialization vector and tried to modify the code to the best I could. Upon finishing I ran into some problems after compiling:
AES-256-ECB-Encryption.cpp: In function ‘int encrypt(unsigned char*, int, unsigned char*, unsigned char*)’: AES-256-ECB-Encryption.cpp:27:63: error: too few arguments to function ‘int EVP_EncryptInit_ex(EVP_CIPHER_CTX*, const EVP_CIPHER*, ENGINE*, const unsigned char*, const unsigned char*)’ if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key))The error says I have too few arguments to function in the int encrypt function. I also have this error for the int decrypt function. I was wondering if anyone here could help me clarify my problem. I am aware of the vulnerabilities attached to the ECB mode, but I would still like to become familiar with it. Also, I know that the key should not hard coded, but I just wanted to get an example running to make sure I had the right idea. I am using EVP Symmetric Encryption and Decryption from the libcrypto library within OpenSSL. I am on Ubuntu 16.0.4 if that matters. If anyone could shed some light on my problem or provide more documentation on ECB that would be greatly appreciated.
Thanks
Here is the rest of the code:
#include <openssl/conf.h> #include <openssl/evp.h> #include <openssl/err.h> #include <string.h> void handleErrors(void) { ERR_print_errors_fp(stderr); abort(); } int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, unsigned char *ciphertext) { EVP_CIPHER_CTX *ctx; int len; int ciphertext_len; /* Create and initialise the context */ if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); /* Initialise the encryption operation. IMPORTANT - ensure you use a key * In this example we are using 256 bit AES (i.e. a 256 bit key). */ if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key)) handleErrors(); /* Provide the message to be encrypted, and obtain the encrypted output. * EVP_EncryptUpdate can be called multiple times if necessary */ if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)) handleErrors(); ciphertext_len = len; /* Finalise the encryption. Further ciphertext bytes may be written at * this stage. */ if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors(); ciphertext_len += len; /* Clean up */ EVP_CIPHER_CTX_free(ctx); return ciphertext_len; } int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, unsigned char *plaintext) { EVP_CIPHER_CTX *ctx; int len; int plaintext_len; /* Create and initialise the context */ if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); /* Initialise the decryption operation. IMPORTANT - ensure you use a key * In this example we are using 256 bit AES (i.e. a 256 bit key). The */ if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_256_ecb(), NULL, key)) handleErrors(); /* Provide the message to be decrypted, and obtain the plaintext output. * EVP_DecryptUpdate can be called multiple times if necessary */ if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) handleErrors(); plaintext_len = len; /* Finalise the decryption. Further plaintext bytes may be written at * this stage. */ if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors(); plaintext_len += len; /* Clean up */ EVP_CIPHER_CTX_free(ctx); return plaintext_len; } int main (void) { /* A 256 bit key */ unsigned char *key = (unsigned char *)"01234567890123456789012345678901"; /* Message to be encrypted */ unsigned char *plaintext = (unsigned char *)"This is a test."; /* Buffer for ciphertext. Ensure the buffer is long enough for the * ciphertext which may be longer than the plaintext, dependant on the * algorithm and mode */ unsigned char ciphertext[128]; /* Buffer for the decrypted text */ unsigned char decryptedtext[128]; int decryptedtext_len, ciphertext_len; /* Initialise the library */ ERR_load_crypto_strings(); OpenSSL_add_all_algorithms(); OPENSSL_config(NULL); /* Encrypt the plaintext */ ciphertext_len = encrypt (plaintext, strlen ((char *)plaintext), key, ciphertext); /* Do something useful with the ciphertext here */ printf("Ciphertext is:\n"); BIO_dump_fp (stdout, (const char *)ciphertext, ciphertext_len); /* Decrypt the ciphertext */ decryptedtext_len = decrypt(ciphertext, ciphertext_len, key, decryptedtext); /* Add a NULL terminator. Expecting printable text */ decryptedtext[decryptedtext_len] = '\0'; /* Show the decrypted text */ printf("Decrypted text is:\n"); printf("%s\n", decryptedtext); /* Clean up */ EVP_cleanup(); ERR_free_strings(); return 0; }