1、先寫一個用于生產二進制文件的工具
使用說明：新建main.c，將代碼拷貝到main.c中，在linux環境下執行gcc main.c -o x，輸出可執行文件x

#include <stdio.h>int write_the_same_datas(char *name,unsigned int len,char value) {FILE *fp;int i;fp = fopen(name,"w");if(NULL == fp){printf("fopen %s failed\n",(name));return -1;}for(i=0;i<len;i++)fputc(value,fp);fclose(fp); }int write_the_increase_datas(char *name,unsigned int len,char start,char end) {FILE *fp;int i,x;fp = fopen(name,"w");if(NULL == fp){printf("fopen %s failed\n",(name));return -1;}if(start > end){printf("start is smaller end!! error!!\n");}x=start;for(i=0;i<len;i++){fputc(x,fp);if(x == end)x = start;elsex++;}fclose(fp); }int write_the_decrease_datas(char *name,unsigned int len,char start,char end) {FILE *fp;int i,x;fp = fopen(name,"w");if(NULL == fp){printf("fopen %s failed\n",(name));return -1;}if(start < end){printf("start is bigger end!! error!!\n");}x=start;for(i=0;i<len;i++){fputc(x,fp);if(x == end)x = start;elsex--;}fclose(fp); }int main(int argc, char *argv[]) {unsigned int len;char *cmd,*filename;unsigned int value,start,end;filename = argv[1];cmd = argv[2]; // increase decrease samesscanf(argv[3],"0x%x",&len);if (memcmp(cmd,"increase",8) == 0) {sscanf(argv[4],"0x%x",&start);sscanf(argv[5],"0x%x",&end);write_the_increase_datas(filename,len,(unsigned char)(start & 0xff),(unsigned char)(end & 0xff));return 0;}else if (memcmp(cmd,"decrease",8) == 0) {sscanf(argv[4],"0x%x",&start);sscanf(argv[5],"0x%x",&end);write_the_decrease_datas(filename,len,(unsigned char)(start & 0xff),(unsigned char)(end & 0xff));return 0;}else if (memcmp(cmd,"same",4) == 0) {sscanf(argv[4],"0x%x",&value);write_the_same_datas(filename,len,(unsigned char)(value & 0xff));} }

2、生產加解密使用的源文件
（1） 生成輸入文件
(如生成一個長度為16bytes的文件，文件內容全是0x3)
./x “in-16.data” same 0x10 0x3

（2） 生成輸入key文件
(如生成一個長度為16bytes的文件，文件內容全是0x0-0xf遞增)
./x “key-16.data” increase 0x10 0x0 0xf

3、使用openssl命令，執行加密操作
（如ECB加密，key-256）
openssl enc -aes-256-ecb -in in-16.data -K 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -out enc.log && md5sum enc.log

enc.log中的內容，就是ECB加密后的內容了，注意該輸出文件enc.log在尾端會多產生16bytes，可以使用如下命令去尾端：
name=“enc.log”;a=ls $name -l | awk '{print $5}';b=$[$a-16];head -c $b $name>out.log

這樣out.log中的數據，就是加密后的數據了

hash計算：
openssl sha -sha256 filename
SHA256(filename)= e3fdd945d31029a1d0937cd8f0d23407

$ openssl sha -h
unknown option ‘-h’
options are
-c to output the digest with separating colons
-r to output the digest in coreutils format
-d to output debug info
-hex output as hex dump
-binary output in binary form
-hmac arg set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign file sign digest using private key in file
-verify file verify a signature using public key in file
-prverify file verify a signature using private key in file
-keyform arg key file format (PEM or ENGINE)
-out filename output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v signature parameter
-hmac key create hashed MAC with key
-mac algorithm create MAC (not neccessarily HMAC)
-macopt nm:v MAC algorithm parameters or key
-engine e use engine e, possibly a hardware device.
-md4 to use the md4 message digest algorithm
-md5 to use the md5 message digest algorithm
-ripemd160 to use the ripemd160 message digest algorithm
-sha to use the sha message digest algorithm
-sha1 to use the sha1 message digest algorithm
-sha224 to use the sha224 message digest algorithm
-sha256 to use the sha256 message digest algorithm
-sha384 to use the sha384 message digest algorithm
-sha512 to use the sha512 message digest algorithm
-whirlpool to use the whirlpool message digest algorithm

2、使用RSA密鑰進行簽名驗證操作
https://www.linuxidc.com/Linux/2016-04/130492.htm
/摘要算法選取sha256，密鑰RSA密鑰，對file.txt進行簽名/
linuxidc@linuxidc:~/test$ openssl dgst -sign RSA.pem -sha256 -out sign.txt file.txt
/使用RSA密鑰驗證簽名(prverify參數)，驗證成功/
linuxidc@linuxidc:~/test$ openssl dgst -prverify RSA.pem -sha256 -signature sign.txt file.txt
Verified OKt
/從密鑰中提取公鑰/
linuxidc@linuxidc:~/test$ openssl rsa -in RSA.pem -out pub.pem -pubout
writing RSA key
/使用RSA公鑰驗證簽名(verify參數)，驗證成功/
linuxidc@linuxidc:~/test$ openssl dgst -verify pub.pem -sha256 -signature sign.txt file.txt
Verified OK

總結

以上是生活随笔為你收集整理的openssl aes加解密的使用的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。