为什么iPad上的AES加密和PHP的解密失败?
作者:互联网
我有一个iPad应用程序,可以将加密的信息传输到基于PHP的网站,但是在正确解密此信息时遇到了困难.我将以下代码用于PHP端解密:
//Decryption function
function mc_decrypt($decrypt, $key, $iv)
{
$decoded = base64_decode($decrypt);
$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
mcrypt_generic_init($td, $key, $iv);
$decrypted = mdecrypt_generic($td, $decoded);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return trim($decrypted);
}
以及我的iPad应用程序中的这个Objective-C代码:
#import <CommonCrypto/CommonCryptor.h>
@implementation NSData (AES256)
- (NSData *)AES256EncryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
- (NSData *)AES256DecryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer); //free the buffer;
return nil;
}
@end
尝试解密在iPad上编码和在PHP端解密的数据时,为什么会看到数据损坏?
解决方法:
检查您正在使用的密钥.在PHP中,MCRYPT_RIJNDAEL_128 _256等常量不代表键强度,而是代表所使用的块大小.
要使用PHP获得128位加密,您需要使用16个字节长的密钥.对于256,您需要32个字节,依此类推.
您的PHP和C代码对我来说都是正确的.确保在两种情况下都正确使用了密钥.
换个想法.看来您在C中使用的是PKCS#7填充.我不认为PHP默认情况下是设计用于该填充的.如果内存对我有用,我相信Mcrypt函数使用空填充.
最后,检查PHP中的初始化向量.我注意到您没有在C代码中使用一个,这意味着您不应该在PHP中接受$iv变量.应该将它作为NULL传递给mcrypt函数(但强烈建议不要这样做).
相反,您应该做的是在C代码中随机化IV(正在加密数据),然后将IV与加密的数据一起发送.您可以检测正在使用的算法的IV大小,并将其从加密数据的前面拆分出来,然后用于填充PHP方面的内容.这样可以进一步保护您的加密.
标签:objective-c,ipad,ios,php 来源: https://codeday.me/bug/20191208/2088565.html