这是我的Java代码。现在,我想在Objective-C中实现相同的功能。
Cipher encryptCipher;
IvParameterSpec iv = new IvParameterSpec(key);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
encryptCipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
encryptCipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = encryptCipher.doFinal(dataToEncrypt.getBytes());
Log.d("TAG", "encrypted string:"
+ Base64.encodeToString(encrypted, Base64.DEFAULT));
return Base64.encodeToString(encrypted, Base64.DEFAULT).trim();
这是我的iOS实现
- (NSData *)AES256EncryptWithKey:(NSString*)key
{
char keyPtr[kCCKeySizeAES256 + 1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void* buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCKeySizeAES256,
NULL,
[self bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess)
{
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer);
return nil;
}
这是我的哈希键生成功能。此函数在android和ios中返回相同的键
int dkLen = 16;
NSData *keyData = [hash_key dataUsingEncoding:NSUTF8StringEncoding];
NSData *salt = [saltKey dataUsingEncoding:NSUTF8StringEncoding];
uint rounds = 1000;
uint keySize = kCCKeySizeAES128;
NSMutableData *derivedKey = [NSMutableData dataWithLength:keySize];
CCKeyDerivationPBKDF(kCCPBKDF2, // algorithm
keyData.bytes, // password
keyData.length, // passwordLength
salt.bytes, // salt
salt.length, // saltLen
kCCPRFHmacAlgSHA1, // PRF
rounds, // rounds
derivedKey.mutableBytes, // derivedKey
dkLen*8);
return derivedKey;
我得到了不同的输出。我做错了吗?请帮助我找出答案。
一个问题是Java代码使用CBC模式,iOS代码使用ECB模式。
接下来,来自引用的项目:
//result= yHbhApwTpQ2ZhE97AKF/g==
无效的Base64,它不包含4字节的倍数。
使用以下选项:CBC,PKCS#7填充
输入: 数据在:“ hello”中,将被填充为16字节的块长度为null 钥匙: base64:VQQhu + dUdqXGoE7RZL2JWg == 十六进制:550421bbe75476a5c6a04ed164bd895a iv: base64:VQQhu + dUdqXGoE7RZL2JWg == 十六进制:550421bbe75476a5c6a04ed164bd895a 加密输出: 十六进制:ff21db840a704e943666113dec0285fe base64:/ yHbhApwTpQ2ZhE97AKF / g ==
这是测试代码:
NSString *base64Key = @"VQQhu+dUdqXGoE7RZL2JWg==";
NSString *dataString = @"hello";
NSData *key = [[NSData alloc] initWithBase64EncodedString:base64Key options:0];
NSData *data = [dataString dataUsingEncoding:NSUTF8StringEncoding];
NSLog(@"key: %@", key);
NSLog(@"data: %@", data);
NSData *encryptedData = [TestClass crypt:data
iv:key
key:key
context:kCCEncrypt];
NSLog(@"encryptedData: %@", encryptedData);
NSString *encryptedBase64Data = [encryptedData base64EncodedStringWithOptions:0];
NSLog(@"encryptedBase64Data: %@", encryptedBase64Data);
这是加密方法(在类中TestClass
):
+ (NSData *)crypt:(NSData *)dataIn
iv:(NSData *)iv
key:(NSData *)symmetricKey
context:(CCOperation)encryptOrDecrypt
{
CCCryptorStatus ccStatus = kCCSuccess;
size_t cryptBytes = 0; // Number of bytes moved to buffer.
NSMutableData *dataOut = [NSMutableData dataWithLength:dataIn.length + kCCBlockSizeAES128];
ccStatus = CCCrypt( encryptOrDecrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
symmetricKey.bytes,
kCCKeySizeAES128,
iv.bytes,
dataIn.bytes,
dataIn.length,
dataOut.mutableBytes,
dataOut.length,
&cryptBytes);
if (ccStatus != kCCSuccess) {
NSLog(@"CCCrypt status: %d", ccStatus);
}
dataOut.length = cryptBytes;
return dataOut;
}
注意:我将加密和数据转换分开保存。混淆它们只会使测试更加复杂。
如果您使用在线加密实现,则填充可能不是PKCS#7,因为mcrypt不支持填充,而是使用非标准的空填充。由于填充字节只是填充字节的计数,因此可以在输入中模拟填充。这是使用AES的示例–对称密码在线
请注意,填充为16字节块大小的“ hello” PKCS#7将添加uint8值11或0x0B
:的11个字节68656c6c6f0B0B0B0B0B0B0B0B0B0B0B
。
最后的问题仍然是为什么Java代码不会产生此结果?
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
我来说两句