ubuntu上安装测试openssl
环境 UBUNTU64位
一、首先确保系统内有如下软件已安装
1、perl5
参考http://blog.sina.com.cn/s/blog_68158ebf0100ndes.html
2、GCC
3、MAKE
一般情况下Ubuntu完全安装的情况下上述软件都是默认安装的。
二、下载OPENSSL源码
下载链接如下:www.openssl.org/source/
在上述网址内下载release版本的源码,如果没有找到你想要的版本那么可以去http://www.openssl.org/source/old/ 下载你想要的版本,我下载的是openssl-1.0.1j版本。
三、解压配置编译测试运行
新建一个openssl目录,解压源码到openssl目录下,分别执行如下指令
// 前提是下载的openssl源码在当前的工作目录下
mkdir openssl
tar vxfz openssl-1.0.1j.tar.gz -C ./openssl
./config
// 编译,会在openssl源码的根目录内生产libcrypto.a和libssl.a两个静态库文件
make
// 测试
make test
// 安装会将头文件自动安装在/usr/include/openssl内
make install四、编一个基于AES CTR128模式的测试程序,代码如下:
新建一个crypt.c,将openssl刚编译生产的静态库拷贝到crypt.c相同的目录内
#include "stdio.h"
#include "stdlib.h"
#include "string.h"
#include "math.h"
#include "openssl/aes.h"
struct ctr_state {
/* ivec[0..7] is the IV, ivec[8..15] is the big-endian counter */
unsigned char ivec[16];
unsigned int num;
unsigned char ecount[16];
};
int init_ctr(struct ctr_state *state, unsigned char iv[16],unsigned int num,unsigned char ecount[16])
{
#if 0
/* aes_ctr128_encrypt requires 'num' and 'ecount' set to zero on the
* first call. */
state->num = 0;
memset(state->ecount, 0, 16);
/* Initialise counter in 'ivec' to 0 */
memset(state->ivec + 8, 0, 8);
/* Copy IV into 'ivec' */
memcpy(state->ivec, iv, 8);
#else
state->num = num;
memcpy(state->ivec,iv,16);
memcpy(state->ecount,ecount,16);
#endif
return(0);
}
/*
=======================================================================================================
Function : aesif_ctr128_encrypt()
CTR128 encrypt & decrypt
INPUT : p_plaintext the plain text pointer
plen the plain text length
p_key the key pointer
klen the key length
p_iv the iv pointer
ilen the iv length
p_ecount the ecount pointer
elen the ecount length
num the ctr number
OUTPUT : ctr encrypt status 0:success -1:input data length error
=======================================================================================================
*/
int aesif_ctr128_encrypt(unsigned char *p_plaintext,unsigned int plen,unsigned char *p_key,unsigned char klen,
unsigned char *p_iv,unsigned char ilen,unsigned char *p_ecount,unsigned int elen,
unsigned int num,unsigned char *p_ciphertext)
{
AES_KEY rkey;
unsigned char key[32],iv[8];
struct ctr_state state;
memset(key,0,32);
memset(iv,0,8);
if(klen > 32)
klen = 32;
memcpy(key,p_key,klen);
if(ilen > 16)
ilen = 16;
memcpy(iv,p_iv,ilen);
init_ctr(&state, iv,num,p_ecount);
AES_set_encrypt_key(key, 256, &rkey);
AES_ctr128_encrypt(p_plaintext, p_ciphertext, plen, &rkey, state.ivec, state.ecount, &state.num);
return 0;
}
void aes_ctr128_test(void)
{
int i = 0;
unsigned char plaintext[AES_BLOCK_SIZE * 2];
unsigned char ciphertext[AES_BLOCK_SIZE * 2];
unsigned char checktext[AES_BLOCK_SIZE * 2];
unsigned char saveiv[16] = {0,0,0,0,0,0,0,0,0,1,2,3,4,5,6,7};
unsigned char iv[16];
unsigned int num = 0;
unsigned char ecount[16] = {0};
memcpy(plaintext,"aes ctr128 function test iarlink",32);
printf("\nplaintext:\"aes ctr128 function test iarlink\"\n\n");
printf("plaintext in hex: ");
for(i = 0;i < 32;i++)
printf("%02X ",plaintext[i]);
printf("\n\n");
/* encrypt */
memcpy(iv,saveiv,16);
aesif_ctr128_encrypt(plaintext,sizeof(plaintext),"iarlink",sizeof("iarlink"),iv,sizeof(iv),ecount,sizeof(ecount),num,ciphertext);
printf("ciphertext in hex: ");
for(i = 0;i < 32;i++)
printf("%02X ",ciphertext[i]);
printf("\n\n");
/* decrypt */
memcpy(iv,saveiv,16);
aesif_ctr128_encrypt(ciphertext,sizeof(ciphertext),"iarlink",sizeof("iarlink"),iv,sizeof(iv),ecount,sizeof(ecount),num,checktext);
printf("checktext in hex: ");
for(i = 0;i < 32;i++)
printf("%02X ",checktext[i]);
printf("\n\n");
printf("end!\n");
}
int main()
{
aes_ctr128_test();
}运行如下命令编译
gcc crypto.c -L./ -lcrypto -lssl -o crypt运行
./crypt结果如下:
