问题
I'm new to OpenSSL. I understand that encryption should be performed using the EVP API which acts as a common interface to all the ciphers. AES CTR mode seems to be present in the version of OpenSSL that I have, but the definition for EVP_aes_128_ctr is disabled in evp.h:
#if 0
const EVP_CIPHER *EVP_aes_128_ctr(void);
#endif
Any idea why this is? Can I just remove the #if 0? Any other pointers on getting 128 bit AES CTR mode encryption to work in OpenSSL would be appreciated!
Thanks!
回答1:
Btw, it looks like the answer to this is no, not yet. But maybe soon. I found this email thread indicating that a patch to address this issue may have been submitted in June 2010:
http://www.mail-archive.com/libssh2-devel@cool.haxx.se/msg01972.html
But when I downloaded the latest development branch from SVN, AES CTR was still not enabled in EVP. I ended up just implementing it directly, for which I found this link helpful:
AES CTR 256 Encryption Mode of operation on OpenSSL
回答2:
I'm using AES CTR 128 mode and it works. I'm using libssl1.0.0 (I'm not sure if I'm answering the right question! I hope it would be helpful). Here is a part of my code:
EVP_CipherInit_ex(ctx, EVP_aes_128_ctr(), NULL, key, iv,1);
EVP_CipherUpdate (ctx, ciphertext, &len, plaintext, plaintext_len);
/* Finalise the encryption. */
if(! EVP_CipherFinal_ex(ctx, ciphertext + len, &len)) handleErrors();
/*setting padding option*/
EVP_CIPHER_CTX_set_padding(ctx,0);
/* Clean up */
EVP_CIPHER_CTX_free(ctx);
来源:https://stackoverflow.com/questions/3783311/is-it-possible-to-use-aes-ctr-mode-encryption-using-the-evp-api