我正在尝试对字符串或nsdictionary进行AES128加密,使用以下代码
NSString *str =@"Hello";
NSData* data = [str dataUsingEncoding:NSUTF8StringEncoding];
NSData *cipher = [data AES128EncryptWithKey:key];
//After that I converts nsdata into hex string
NSLog(@"%@",[self hexRepresentationWithSpaces_AS:NO withdata:cipher]);
-(NSData *)AES128EncryptWithKey:(NSString *)key
{
// ‘key’ should be 16 bytes for AES128
char keyPtr[kCCKeySizeAES128 + 1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof( keyPtr ) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That’s why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc( bufferSize );
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt( kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES128,
@"1234567812345678" /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted );
if( cryptStatus == kCCSuccess )
{
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free( buffer ); //free the buffer
return nil;
}
-(NSString*)hexRepresentationWithSpaces_AS:(BOOL)spaces withdata:(NSData*)data
{
const unsigned char* bytes = (const unsigned char*)[data bytes];
NSUInteger nbBytes = [data length];
//If spaces is true, insert a space every this many input bytes (twice this many output characters).
static const NSUInteger spaceEveryThisManyBytes = 4UL;
//If spaces is true, insert a line-break instead of a space every this many spaces.
static const NSUInteger lineBreakEveryThisManySpaces = 4UL;
const NSUInteger lineBreakEveryThisManyBytes = spaceEveryThisManyBytes * lineBreakEveryThisManySpaces;
NSUInteger strLen = 2*nbBytes + (spaces ? nbBytes/spaceEveryThisManyBytes : 0);
NSMutableString* hex = [[NSMutableString alloc] initWithCapacity:strLen];
for(NSUInteger i=0; i<nbBytes; ) {
[hex appendFormat:@"%02X", bytes[i]];
//We need to increment here so that the every-n-bytes computations are right.
++i;
if (spaces) {
if (i % lineBreakEveryThisManyBytes == 0) [hex appendString:@"'n"];
else if (i % spaceEveryThisManyBytes == 0) [hex appendString:@" "];
}
}
return hex ;
}
在服务器端添加了解密代码后的
function decrypt($code) {
//$key = $this->hex2bin($key);
$code = $this->hex2bin($code);
$iv = $this->iv;
$td = mcrypt_module_open('rijndael-128', '', 'cbc', $iv);
mcrypt_generic_init($td, $this->key, $iv);
$decrypted = mdecrypt_generic($td, $code);
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
return utf8_encode(trim($decrypted));
}
protected function hex2bin($hexdata) {
$bindata = '';
for ($i = 0; $i < strlen($hexdata); $i += 2) {
$bindata .= chr(hexdec(substr($hexdata, $i, 2)));
}
return $bindata;
}
1问题是生成的加密字符串不能在php中解密
我们正在尝试访问此链接
看一下这段代码,它将解密&加密明文在两种方式使用AES128 (Rijndael)与CBC和PKCS7填充在PHP和C使用CommonCrypto在OSX/iOS和MCRYPT在PHP:
OSX/iOS Code in C:
#include <CommonCrypto/CommonCryptor.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
/* Encrypt text */
char *encryptText(const unsigned char *clearText, char myKey[20], char myIv[20])
{
CCCryptorStatus status;
unsigned char cipherKey[kCCKeySizeAES128];
unsigned char cipherIv[kCCKeySizeAES128];
unsigned char cipherText[strlen((const char *)clearText) + kCCBlockSizeAES128];
size_t nEncrypted;
for (int i=0 ; i<kCCKeySizeAES128; i++)
{
cipherKey[i] = myKey[i];
cipherIv[i] = myIv[i];
}
status = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, cipherKey, kCCKeySizeAES128, cipherIv, clearText, strlen((const char *)clearText), cipherText, sizeof(cipherText), &nEncrypted);
if (status != kCCSuccess)
{
printf("CCCrypt() failed with error %d'n", status);
}
size_t cipherSize = nEncrypted;
char *encoded_data = b64_encode((const unsigned char*)cipherText, cipherSize);
return encoded_data;
}
/* Decrypt text */
int decode(unsigned char *dest, const char *buf)
{
char b[3];
int i;
b[2] = 0;
for(i=0; buf[i] ;i+=2)
{
b[0] = buf[i];
b[1] = buf[i+1];
dest[i/2] = (int) strtol(b, NULL, 0x10);
}
return 0;
}
char *decryptText(const unsigned char *cipherText, char myKey[20], char myIv[20])
{
unsigned char cipherKey[kCCKeySizeAES128];
unsigned char cipherIv[kCCKeySizeAES128];
for (int i=0 ; i<kCCKeySizeAES128; i++)
{
cipherKey[i] = myKey[i];
cipherIv[i] = myIv[i];
}
int lenKey = strlen((const char *)cipherKey);
char hex_key[(lenKey*2)+1];
char2hex((char *)cipherKey, hex_key);
int lenIv = strlen((const char *)cipherIv);
char hex_iv[(lenIv*2)+1];
char2hex((char *)cipherIv, hex_iv);
size_t cipherSize = strlen((const char *)cipherText);
unsigned char *decoded_data = b64_decode((const char*)cipherText, cipherSize);
int lenData = strlen((const char *)decoded_data);
char *hexcipherText;
hexcipherText = bin2hex(decoded_data, lenData);
CCCryptorStatus status;
int len = strlen((const char *)hexcipherText) / 2;
unsigned char clearText[len];
unsigned char decodedCipherText[len];
unsigned char decodedKey[len];
unsigned char decodedIv[len];
size_t nDecrypted;
int i;
decode(decodedKey, (const char *)hex_key);
decode(decodedCipherText, (const char *)hexcipherText);
decode(decodedIv, (const char *)hex_iv);
status = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, decodedKey, kCCKeySizeAES128, decodedIv, decoded_data, len, clearText, sizeof(clearText), &nDecrypted);
if (status != kCCSuccess)
{
printf("CCCrypt() failed with error %d'n", status);
}
int extraInfo = strlen((const char *)clearText);
char* toReturn = malloc(extraInfo + 1);
strcpy(toReturn, (const char *)clearText);
strcat(toReturn, "'0");
return toReturn;
}
注意base64编码&解码函数(b64_encode, b64_decode):
#ifdef b64_USE_CUSTOM_MALLOC
extern void* b64_malloc(size_t);
#endif
#ifdef b64_USE_CUSTOM_REALLOC
extern void* b64_realloc(void*, size_t);
#endif
int bufc = 0;
char* b64_buf_malloc()
{
char* buf = b64_malloc(B64_BUFFER_SIZE);
bufc = 1;
return buf;
}
char* b64_buf_realloc(unsigned char* ptr, size_t size)
{
if (size > bufc * B64_BUFFER_SIZE)
{
while (size > bufc * B64_BUFFER_SIZE) bufc++;
char* buf = b64_realloc(ptr, B64_BUFFER_SIZE * bufc);
if (!buf) return NULL;
return buf;
}
return (char *)ptr;
}
/* Encode in b64 */
char *b64_encode(const unsigned char *src, size_t len)
{
int i = 0;
int j = 0;
char *enc = NULL;
size_t size = 0;
unsigned char buf[4];
unsigned char tmp[3];
enc = (char *) b64_buf_malloc();
if (NULL == enc) { return NULL; }
while (len--)
{
tmp[i++] = *(src++);
if (3 == i)
{
buf[0] = (tmp[0] & 0xfc) >> 2;
buf[1] = ((tmp[0] & 0x03) << 4) + ((tmp[1] & 0xf0) >> 4);
buf[2] = ((tmp[1] & 0x0f) << 2) + ((tmp[2] & 0xc0) >> 6);
buf[3] = tmp[2] & 0x3f;
enc = (char *) b64_buf_realloc((unsigned char *)enc, size + 4);
for (i = 0; i < 4; ++i)
{
enc[size++] = b64_table[buf[i]];
}
i = 0;
}
}
if (i > 0)
{
for (j = i; j < 3; ++j)
{
tmp[j] = ''0';
}
buf[0] = (tmp[0] & 0xfc) >> 2;
buf[1] = ((tmp[0] & 0x03) << 4) + ((tmp[1] & 0xf0) >> 4);
buf[2] = ((tmp[1] & 0x0f) << 2) + ((tmp[2] & 0xc0) >> 6);
buf[3] = tmp[2] & 0x3f;
for (j = 0; (j < i + 1); ++j)
{
enc = (char *) b64_buf_realloc((unsigned char *)enc, size + 1);
enc[size++] = b64_table[buf[j]];
}
while ((i++ < 3))
{
enc = (char *) b64_buf_realloc((unsigned char *)enc, size + 1);
enc[size++] = '=';
}
}
enc = (char *) b64_buf_realloc((unsigned char *)enc, size + 1);
enc[size] = ''0';
return enc;
}
/* Decode b64 */
unsigned char *b64_decode(const char *src, size_t len)
{
return b64_decode_ex(src, len, NULL);
}
unsigned char *b64_decode_ex(const char *src, size_t len, size_t *decsize)
{
int i = 0;
int j = 0;
int l = 0;
size_t size = 0;
unsigned char *dec = NULL;
unsigned char buf[3];
unsigned char tmp[4];
dec = (unsigned char *) b64_buf_malloc();
if (NULL == dec) { return NULL; }
while (len--)
{
if ('=' == src[j]) { break; }
if (!(isalnum(src[j]) || '+' == src[j] || '/' == src[j])) { break; }
tmp[i++] = src[j++];
if (4 == i)
{
for (i = 0; i < 4; ++i)
{
for (l = 0; l < 64; ++l)
{
if (tmp[i] == b64_table[l])
{
tmp[i] = l;
break;
}
}
}
buf[0] = (tmp[0] << 2) + ((tmp[1] & 0x30) >> 4);
buf[1] = ((tmp[1] & 0xf) << 4) + ((tmp[2] & 0x3c) >> 2);
buf[2] = ((tmp[2] & 0x3) << 6) + tmp[3];
dec = (unsigned char *) b64_buf_realloc(dec, size + 3);
if (dec != NULL)
{
for (i = 0; i < 3; ++i)
{
dec[size++] = buf[i];
}
}
else
{
return NULL;
}
i = 0;
}
}
if (i > 0)
{
for (j = i; j < 4; ++j)
{
tmp[j] = ''0';
}
for (j = 0; j < 4; ++j)
{
for (l = 0; l < 64; ++l)
{
if (tmp[j] == b64_table[l])
{
tmp[j] = l;
break;
}
}
}
buf[0] = (tmp[0] << 2) + ((tmp[1] & 0x30) >> 4);
buf[1] = ((tmp[1] & 0xf) << 4) + ((tmp[2] & 0x3c) >> 2);
buf[2] = ((tmp[2] & 0x3) << 6) + tmp[3];
dec = (unsigned char *)b64_buf_realloc(dec, size + (i - 1));
if (dec != NULL)
{
for (j = 0; (j < i - 1); ++j)
{
dec[size++] = buf[j];
}
}
else
{
return NULL;
}
}
dec = (unsigned char *)b64_buf_realloc(dec, size + 1);
if (dec != NULL)
{
dec[size] = ''0';
}
else
{
return NULL;
}
if (decsize != NULL)
{
*decsize = size;
}
return dec;
}
还要注意bin2hex &char2hex功能:
/* Char to Hex conversion */
void char2hex(char* input, char* output)
{
int loop;
int i;
i=0;
loop=0;
while(input[loop] != ''0')
{
sprintf((char*)(output+i),"%02X", input[loop]);
loop+=1;
i+=2;
}
output[i++] = ''0';
}
/* Bin to Hex conversion */
static char hexconvtab[] = "0123456789abcdef";
static char* bin2hex(const unsigned char *old, const size_t oldlen)
{
char *result = (char*) malloc(oldlen * 2 + 1);
size_t i, j;
for (i = j = 0; i < oldlen; i++)
{
result[j++] = hexconvtab[old[i] >> 4];
result[j++] = hexconvtab[old[i] & 15];
}
result[j] = ''0';
return result;
}
/* Encrypt text */
function encRijndael($text, $key, $iv)
{
$block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
$padding = $block - (strlen($text) % $block);
$text .= str_repeat(chr($padding), $padding);
$crypttext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $text, MCRYPT_MODE_CBC, $iv);
return base64_encode($crypttext);
}
/* Decrypt Text */
function decRijndael($encrypted, $key, $iv)
{
$iv_utf = mb_convert_encoding($iv, 'UTF-8');
$toreturn = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($encrypted), MCRYPT_MODE_CBC, $iv_utf);
$toreturn = filter_var($toreturn, FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW);
return $toreturn;
}
我是从Jonathan Zdziarski的O'Reilly, Hacking and Securing iOS Applications这本书中学到的。