在目标c中生成初始化向量 [英] Generate Initialization Vector In objective c

问题描述

Java代码是

Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");

byte[] ivBytes = new byte[c.getBlockSize()];
String IV = CryptoUtils.hexEncode(ivBytes);

它会随机提供16个字节的响应，例如

It's giving random 16 bytes response like

563ffcecaa43753bd09613095ad24a12.

563ffcecaa43753bd09613095ad24a12.

如何将相应的代码写入目标c?

How to write corresponding code into objective c?

我有一些目标C代码-

 - (NSData *)createCipher:(NSString*)data WithKey:(NSString*)key {
 NSData* result = nil;

 // setup key
 unsigned char cKey[kCCKeySizeAES256]; // room for terminator (unused)
 bzero(cKey, sizeof(cKey)); // fill with zeroes (for padding)
 [key getBytes:cKey length:kCCKeySizeAES256];

 // setup iv
 char cIv[kCCBlockSizeAES128];
 bzero(cIv, kCCBlockSizeAES128);
 if (iv) {
 [iv getBytes:cIv length:kCCBlockSizeAES128];
 }

 // setup output buffer
 size_t bufferSize = [data length] + kCCBlockSizeAES128;
 void *buffer = malloc(bufferSize);

 // do encrypt
 size_t encryptedSize = 0;
 CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, //CCOperation op
 kCCAlgorithmAES128, //CCAlgorithm alg
 kCCOptionPKCS7Padding, //CCOptions
 cKey, //const void *key
 kCCKeySizeAES256, //size_t keyLength
 cIv, // optional initialization vector
 [data bytes], // optional per op and alg
 [data length],
 buffer, // data RETURNED here
 bufferSize,
 &encryptedSize);


 if (cryptStatus == kCCSuccess) {
 result = [NSData dataWithBytesNoCopy:buffer length:encryptedSize];
 } else {
 free(buffer);
 NSLog(@"[ERROR] failed to encrypt|CCCryptoStatus: %d", cryptStatus);
 }

 return result;
 }

但是，此代码用于加密数据，现在如何生成IV?

However, this code is used to encrypt the data, now How to generate the IV ?

推荐答案

只需为IV生成随机字节:

Just generate random bytes for the IV:

int             ivLength   = kCCBlockSizeAES128;
NSMutableData  *ivData = [NSMutableData dataWithLength:kCCBlockSizeAES128];
SecRandomCopyBytes(kSecRandomDefault, ivLength, ivData.mutableBytes);

只需使用 ivData.bytes .这将产生适用于 CCCrypt 的数据.

That will produce data suitable for CCCrypt, just use ivData.bytes.

ivData的用法示例:

Example usage of ivData:

ccStatus = CCCrypt(
                   ...
                   ivData.bytes,
                   ...
                  );

有关在加密时生成随机IV并将其传递给加密数据以进行解密的完整示例:

Full example for generating a random IV at encryption and passing it prefixed to the encrypted data for decryption:

+ (NSData *)aesCBCEncrypt:(NSData *)data
                         key:(NSData *)key
                       error:(NSError **)error
{
    if (key.length != 16 && key.length != 24 && key.length != 32) {
        *error = [NSError errorWithDomain:@"keyLengthError" code:-1 userInfo:nil];
        return nil;
    }

    CCCryptorStatus ccStatus   = kCCSuccess;
    int             ivLength   = kCCBlockSizeAES128;
    size_t          cryptBytes = 0;
    NSMutableData  *dataOut     = [NSMutableData dataWithLength:ivLength + data.length + kCCBlockSizeAES128];

    int status = SecRandomCopyBytes(kSecRandomDefault, ivLength, dataOut.mutableBytes);
    if (status != 0) {
        *error = [NSError errorWithDomain:@"ivError" code:status userInfo:nil];
        return nil;
    }
    ccStatus = CCCrypt(kCCEncrypt,
                       kCCAlgorithmAES,
                       kCCOptionPKCS7Padding,
                       key.bytes, key.length,
                       dataOut.bytes,
                       data.bytes, data.length,
                       dataOut.mutableBytes + ivLength, dataOut.length,
                       &cryptBytes);

    if (ccStatus == kCCSuccess) {
        dataOut.length = cryptBytes + ivLength;
    }
    else {
        if (error) {
            *error = [NSError errorWithDomain:@"kEncryptionError" code:ccStatus userInfo:nil];
        }
        dataOut = nil;
    }

    return dataOut;
}

+ (NSData *)aesCBCDecrypt:(NSData *)data
                         key:(NSData *)key
                       error:(NSError **)error
{
    if (key.length != 16 && key.length != 24 && key.length != 32) {
        *error = [NSError errorWithDomain:@"keyLengthError" code:-1 userInfo:nil];
        return nil;
    }

    CCCryptorStatus ccStatus   = kCCSuccess;
    int             ivLength   = kCCBlockSizeAES128;
    size_t          clearBytes = 0;
    NSMutableData *dataOut     = [NSMutableData dataWithLength:data.length - ivLength];

    ccStatus = CCCrypt(kCCDecrypt,
                       kCCAlgorithmAES,
                       kCCOptionPKCS7Padding,
                       key.bytes, key.length,
                       data.bytes,
                       data.bytes + ivLength, data.length - ivLength,
                       dataOut.mutableBytes, dataOut.length,
                       &clearBytes);

    if (ccStatus == kCCSuccess) {
        dataOut.length = clearBytes;
    }
    else {
        if (error) {
            *error = [NSError errorWithDomain:@"kEncryptionError" code:ccStatus userInfo:nil];
        }
        dataOut = nil;
    }

    return dataOut;
}

测试:

NSError *error;
NSData *key   = [@"Bad example key " dataUsingEncoding:NSUTF8StringEncoding];
NSData *clear = [@"Test Input"       dataUsingEncoding:NSUTF8StringEncoding];

NSData *encrypted = [Crypto aesCBCEncrypt:clear
                                         key:key
                                       error:&error];

NSData *decrypted = [Crypto aesCBCDecrypt:encrypted
                                         key:key
                                       error:&error];

NSLog(@"key:       %@", key);
NSLog(@"clear:     %@", clear);
NSLog(@"encrypted: %@", encrypted);
NSLog(@"decrypted: %@", decrypted);

输出:

key:       42616420 6578616d 706c6520 6b657920
clear:     54657374 20496e70 7574
encrypted: 44f02b5e 40bf5031 01cc55fd cad80a77 790b9d05 5a6c8de7 6c949191 d3ba57de
decrypted: 54657374 20496e70 7574

这篇关于在目标c中生成初始化向量的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！