在 Swift 中使用 CCCrypt (CommonCrypt) 的问题 [英] Issue using CCCrypt (CommonCrypt) in Swift
问题描述
我正在将一个有效的 Objective-C 类别 (NSData+AESCrypt.m) 移植到 Swift,我发现使用指针时存在问题.Swift 中加密部分的代码可以正确编译,但会产生运行时 EXEC_BAD_ACCES 错误.
我到目前为止的代码是(我试图尽可能地剖析代码):
let key = "123456789012345678901234567890120"让 keyLength = UInt(kCCKeySizeAES256 + 1)let keyPointer = strdup(key)//将 key 转换为 <UnsafeMutablePointer<Int8>let message = "不要尝试阅读此文本.绝密资料"让数据 = (消息作为 NSString).dataUsingEncoding(NSUTF8StringEncoding)让 dataBytes = data?.bytes让长度=数据?.长度让 dataLength = UInt(长度!)让 dataPointer = UnsafePointer(dataBytes!)让操作:CCOperation = UInt32(kCCEncrypt)让算法:CCAlgorithm = UInt32(kCCAlgorithmAES128)让选项:CCOptions = UInt32(kCCOptionECBMode + kCCOptionPKCS7Padding)让 cryptBufferSize = UInt(dataLength + kCCBlockSizeAES128)var cryptBuffer = [UInt8](计数:Int(cryptBufferSize),repeatedValue:0)var cryptBufferPointer = UnsafeMutablePointer(cryptBuffer)var numBytesEncrypted = UnsafeMutablePointer()var cryptStatus = CCCrypt(操作、算法、选项、keyPointer、keyLength、nil、dataPointer、dataLength、cryptBufferPointer、cryptBufferSize、numBytesEncrypted)如果 UInt32(cryptStatus) == UInt32(kCCSuccess) {让大小 = NSInteger(cryptBufferSize)让 encryptedData = NSData(字节:cryptBufferPointer,长度:大小)让 encryptedString = NSString(数据: encryptedData, 编码: NSUTF8StringEncoding)println("Encrypted String = (encryptedString)")//EXEC_BAD_ACCESS 错误} 别的 {println("错误:(cryptStatus)")} encryptedData 对象显示以下信息:
<279c2d0f d3ce2200 0dc10cc1 9df46e76 cb26f423 7c9bde76 f9d8d0e2 632acef9 74fb0614 4717422b 684d1889 e3ce882c 00000000 00000000 000但 encryptedString 在调试器中显示 0x0000000000,并尝试 println() 它会生成 EXEC_BAD_ACCESS 错误
知道缺少什么吗?
Rgds....
斯威夫特 2.0
这是一个例子
如果这不是所需要的,那么这些方法应该是一个很好的例子
注意:密钥字符串转换为数据
将 Security.framework 添加到项目中
将 #import <CommonCrypto/CommonCryptor.h> 添加到桥接头.
让 keyString = "12345678901234567890123456789012"让keyData:NSData!= (keyString as NSString).dataUsingEncoding(NSUTF8StringEncoding) as NSData!print("keyLength = (keyData.length), keyData = (keyData)")let message = "不要尝试阅读此文本.绝密资料"让数据:NSData!= (消息作为 NSString).dataUsingEncoding(NSUTF8StringEncoding) 作为 NSData!print("数据长度 = (data.length), 数据 = (data)")让 cryptData = NSMutableData(length: Int(data.length) + kCCBlockSizeAES128)!让 keyLength = size_t(kCCKeySizeAES256)让操作:CCOperation = UInt32(kCCEncrypt)让算法:CCAlgorithm = UInt32(kCCAlgorithmAES128)让选项:CCOptions = UInt32(kCCOptionECBMode + kCCOptionPKCS7Padding)var numBytesEncrypted :size_t = 0var cryptStatus = CCCrypt(操作,算法,选项,keyData.bytes,keyLength,零,数据字节,数据长度,cryptData.mutableBytes, cryptData.length,&numBytesEncrypted)如果 UInt32(cryptStatus) == UInt32(kCCSuccess) {cryptData.length = Int(numBytesEncrypted)print("cryptLength = (numBytesEncrypted), cryptData = (cryptData)")//并非所有数据都是 UTF-8 字符串,因此使用 Base64让 base64cryptString = cryptData.base64EncodedStringWithOptions(.Encoding64CharacterLineLength)打印(base64cryptString = (base64cryptString)")} 别的 {print("错误:(cryptStatus)")}输出:
keyLength = 32, keyData = <31323334 35363738 39303132 33343536 37383930 31323334 35363738 39303132>数据长度 = 46,数据 = <446f6ec2 b4742074 72792074 6f207265 61642074 68697320 74657874 2e20546f 70205365 63726574 20537475 6666>cryptLength = 48,cryptData = <118a32dc c23f7caa 883abc3c 1c7f0770 e200016b 2737acfa 17bb96fb a02b02a7 c147603b 06acd863 94bb8ff2 6cb14515>base64cryptString = EYoy3MI/fKqIOrw8HH8HcOIAAWsnN6z6F7uW+6ArAqfBR2A7BqzYY5S7j/JssUUV<上一页>
<块引用>
斯威夫特 3
iv 是加密数据的前缀
aesCBC128Encrypt 将创建一个随机 IV 并作为加密代码的前缀.aesCBC128Decrypt 将在解密期间使用前缀 IV.
输入是数据,键是数据对象.如果需要在调用方法中转换为和/或从编码形式(如 Base64).
密钥的长度应为 128 位(16 字节)、192 位(24 字节)或 256 位(32 字节).如果使用其他密钥大小,则会引发错误.
PKCS#7 填充默认设置.
此示例需要 Common Crypto
项目必须有一个桥接头:#import <CommonCrypto/CommonCrypto.h>
将 Security.framework 添加到项目中.
这是示例,不是生产代码.
枚举 AESError: Error {案例 KeyError((String, Int))案例 IVError((String, Int))案例 CryptorError((String, Int))}//iv 是加密数据的前缀func aesCBCEncrypt(data:Data, keyData:Data) 抛出 ->数据 {让 keyLength = keyData.count让 validKeyLengths = [kCCKeySizeAES128,kCCKeySizeAES192,kCCKeySizeAES256]if (validKeyLengths.contains(keyLength) == false) {throw AESError.KeyError(("无效的密钥长度", keyLength))}让 ivSize = kCCBlockSizeAES128;让 cryptLength = size_t(ivSize + data.count + kCCBlockSizeAES128)var cryptData = 数据(计数:cryptLength)让状态 = cryptData.withUnsafeMutableBytes {ivBytes inSecRandomCopyBytes(kSecRandomDefault, kCCBlockSizeAES128, ivBytes)}如果(状态!= 0){throw AESError.IVError(("IV 生成失败", Int(status)))}var numBytesEncrypted :size_t = 0让选项 = CCOptions(kCCOptionPKCS7Padding)让 cryptStatus = cryptData.withUnsafeMutableBytes {cryptBytes indata.withUnsafeBytes {dataBytes inkeyData.withUnsafeBytes {keyBytes inCCCrypt(CCOperation(kCCEncrypt),CCAlgorithm(kCCAlgorithmAES),选项,密钥字节,密钥长度,加密字节,数据字节,数据计数,cryptBytes+kCCBlockSizeAES128, cryptLength,&numBytesEncrypted)}}}如果 UInt32(cryptStatus) == UInt32(kCCSuccess) {cryptData.count = numBytesEncrypted + ivSize}别的 {throw AESError.CryptorError(("加密失败", Int(cryptStatus)))}返回加密数据;}//iv 是加密数据的前缀func aesCBCDecrypt(data:Data, keyData:Data) 抛出 ->数据?{让 keyLength = keyData.count让 validKeyLengths = [kCCKeySizeAES128,kCCKeySizeAES192,kCCKeySizeAES256]if (validKeyLengths.contains(keyLength) == false) {throw AESError.KeyError(("无效的密钥长度", keyLength))}让 ivSize = kCCBlockSizeAES128;让 clearLength = size_t(data.count - ivSize)var clearData = 数据(计数:clearLength)var numBytesDecrypted :size_t = 0让选项 = CCOptions(kCCOptionPKCS7Padding)让 cryptStatus = clearData.withUnsafeMutableBytes {cryptBytes indata.withUnsafeBytes {dataBytes inkeyData.withUnsafeBytes {keyBytes inCCCrypt(CCOperation(kCCDecrypt),CCAlgorithm(kCCAlgorithmAES128),选项,密钥字节,密钥长度,数据字节,dataBytes+kCCBlockSizeAES128, clearLength,cryptBytes,清除长度,&numBytesDecrypted)}}}如果 UInt32(cryptStatus) == UInt32(kCCSuccess) {clearData.count = numBytesDecrypted}别的 {throw AESError.CryptorError(("解密失败", Int(cryptStatus)))}返回清除数据;}示例用法:
让 clearData = "clearData0123456".data(使用:String.Encoding.utf8)!让 keyData = "keyData890123456".data(使用:String.Encoding.utf8)!print("clearData: (clearData as NSData)")print("keyData: (keyData as NSData)")var cryptData:数据?做 {cryptData = 尝试 aesCBCEncrypt(data:clearData, keyData:keyData)print("cryptData: (cryptData! as NSData)")}捕捉(让状态){print("错误 aesCBCEncrypt: (status)")}让解密数据:数据?做 {让 decryptData = 尝试 aesCBCDecrypt(data:cryptData!, keyData:keyData)print("decryptData: (decryptData! as NSData)")}捕捉(让状态){print("错误 aesCBCDecrypt: (status)")}示例输出:
clearData: <636c6561 72446174 61303132 33343536>关键数据:<6b657944 61746138 39303132 33343536>cryptData:<92c57393 f454d959 5a4d158f 6e1cd3e7 77986ee9 b2970f49 2bafcf1a 8ee9d51a bde49c31 d7780256 71837a61 60fa4be0>解密数据:<636c6561 72446174 61303132 33343536><上一页>
<块引用>
注意事项:
CBC 模式示例代码的一个典型问题是,它将随机 IV 的创建和共享留给用户.此示例包括生成 IV、为加密数据添加前缀并在解密期间使用前缀 IV.这将临时用户从 CBC 模式所需的细节中解放出来.
为了安全起见,加密数据也应该具有身份验证功能,此示例代码不提供此功能,以便更小并允许与其他平台更好的互操作性.
还缺少从密码中导出密钥的密钥,建议 PBKDF2used is text 密码用作密钥材料.
有关强大的生产就绪多平台加密代码,请参阅 RNCryptor.
I am porting a working Objective-C Category (NSData+AESCrypt.m) to Swift and I have found an issue working with the pointers. The code for the encrypting part in Swift compiles correctly, but generates a runtime EXEC_BAD_ACCES error.
The code I have so far is (I tried to dissect the code as much as possible) :
let key = "123456789012345678901234567890120"
let keyLength = UInt(kCCKeySizeAES256 + 1)
let keyPointer = strdup(key) // Convert key to <UnsafeMutablePointer<Int8>
let message = "Don´t try to read this text. Top Secret Stuff"
let data = (message as NSString).dataUsingEncoding(NSUTF8StringEncoding)
let dataBytes = data?.bytes
let length = data?.length
let dataLength = UInt(length!)
let dataPointer = UnsafePointer<UInt8>(dataBytes!)
let operation: CCOperation = UInt32(kCCEncrypt)
let algoritm: CCAlgorithm = UInt32(kCCAlgorithmAES128)
let options: CCOptions = UInt32(kCCOptionECBMode + kCCOptionPKCS7Padding)
let cryptBufferSize = UInt(dataLength + kCCBlockSizeAES128)
var cryptBuffer = [UInt8](count: Int(cryptBufferSize), repeatedValue: 0)
var cryptBufferPointer = UnsafeMutablePointer<UInt8>(cryptBuffer)
var numBytesEncrypted = UnsafeMutablePointer<UInt>()
var cryptStatus = CCCrypt(operation, algoritm, options, keyPointer, keyLength, nil, dataPointer, dataLength, cryptBufferPointer, cryptBufferSize, numBytesEncrypted)
if UInt32(cryptStatus) == UInt32(kCCSuccess) {
let size = NSInteger(cryptBufferSize)
let encryptedData = NSData(bytes: cryptBufferPointer, length: size)
let encryptedString = NSString(data: encryptedData, encoding: NSUTF8StringEncoding)
println("Encrypted String = (encryptedString)") // EXEC_BAD_ACCESS error
} else {
println("Error: (cryptStatus)")
}
The encryptedData object shows the following info:
<279c2d0f d3ce2200 0dc10cc1 9df46e76 cb26f423 7c9bde76 f9d8d0e2 632acef9 74fb0614 4717422b 684d1889 e3ce882c 00000000 00000000 00000000 0000>
But the encryptedString shows 0x0000000000 in the debugger, and trying to println() it generates the EXEC_BAD_ACCESS error
Any idea what is missing?
Rgds....
Swift 2.0
Here is an example
If this is not exactly what is needed the methods should be a good example
Note: the key string is converted to data
Add Security.framework to the project
Add #import <CommonCrypto/CommonCryptor.h> to the bridging header.
let keyString = "12345678901234567890123456789012"
let keyData: NSData! = (keyString as NSString).dataUsingEncoding(NSUTF8StringEncoding) as NSData!
print("keyLength = (keyData.length), keyData = (keyData)")
let message = "Don´t try to read this text. Top Secret Stuff"
let data: NSData! = (message as NSString).dataUsingEncoding(NSUTF8StringEncoding) as NSData!
print("data length = (data.length), data = (data)")
let cryptData = NSMutableData(length: Int(data.length) + kCCBlockSizeAES128)!
let keyLength = size_t(kCCKeySizeAES256)
let operation: CCOperation = UInt32(kCCEncrypt)
let algoritm: CCAlgorithm = UInt32(kCCAlgorithmAES128)
let options: CCOptions = UInt32(kCCOptionECBMode + kCCOptionPKCS7Padding)
var numBytesEncrypted :size_t = 0
var cryptStatus = CCCrypt(operation,
algoritm,
options,
keyData.bytes, keyLength,
nil,
data.bytes, data.length,
cryptData.mutableBytes, cryptData.length,
&numBytesEncrypted)
if UInt32(cryptStatus) == UInt32(kCCSuccess) {
cryptData.length = Int(numBytesEncrypted)
print("cryptLength = (numBytesEncrypted), cryptData = (cryptData)")
// Not all data is a UTF-8 string so Base64 is used
let base64cryptString = cryptData.base64EncodedStringWithOptions(.Encoding64CharacterLineLength)
print("base64cryptString = (base64cryptString)")
} else {
print("Error: (cryptStatus)")
}
Output:
keyLength = 32, keyData = <31323334 35363738 39303132 33343536 37383930 31323334 35363738 39303132>
dataLength = 46, data = <446f6ec2 b4742074 72792074 6f207265 61642074 68697320 74657874 2e20546f 70205365 63726574 20537475 6666>
cryptLength = 48, cryptData = <118a32dc c23f7caa 883abc3c 1c7f0770 e200016b 2737acfa 17bb96fb a02b02a7 c147603b 06acd863 94bb8ff2 6cb14515>
base64cryptString = EYoy3MI/fKqIOrw8HH8HcOIAAWsnN6z6F7uW+6ArAqfBR2A7BqzYY5S7j/JssUUV
Swift 3
The iv is prefixed to the encrypted data
aesCBC128Encrypt will create a random IV and prefixed to the encrypted code.
aesCBC128Decrypt will use the prefixed IV during decryption.
Inputs are the data and key are Data objects. If an encoded form such as Base64 if required convert to and/or from in the calling method.
The key should be exactly 128-bits (16-bytes), 192-bits (24-bytes) or 256-bits (32-bytes) in length. If another key size is used an error will be thrown.
PKCS#7 padding is set by default.
This example requires Common Crypto
It is necessary to have a bridging header to the project:
#import <CommonCrypto/CommonCrypto.h>
Add the Security.framework to the project.
This is example, not production code.
enum AESError: Error {
case KeyError((String, Int))
case IVError((String, Int))
case CryptorError((String, Int))
}
// The iv is prefixed to the encrypted data
func aesCBCEncrypt(data:Data, keyData:Data) throws -> Data {
let keyLength = keyData.count
let validKeyLengths = [kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]
if (validKeyLengths.contains(keyLength) == false) {
throw AESError.KeyError(("Invalid key length", keyLength))
}
let ivSize = kCCBlockSizeAES128;
let cryptLength = size_t(ivSize + data.count + kCCBlockSizeAES128)
var cryptData = Data(count:cryptLength)
let status = cryptData.withUnsafeMutableBytes {ivBytes in
SecRandomCopyBytes(kSecRandomDefault, kCCBlockSizeAES128, ivBytes)
}
if (status != 0) {
throw AESError.IVError(("IV generation failed", Int(status)))
}
var numBytesEncrypted :size_t = 0
let options = CCOptions(kCCOptionPKCS7Padding)
let cryptStatus = cryptData.withUnsafeMutableBytes {cryptBytes in
data.withUnsafeBytes {dataBytes in
keyData.withUnsafeBytes {keyBytes in
CCCrypt(CCOperation(kCCEncrypt),
CCAlgorithm(kCCAlgorithmAES),
options,
keyBytes, keyLength,
cryptBytes,
dataBytes, data.count,
cryptBytes+kCCBlockSizeAES128, cryptLength,
&numBytesEncrypted)
}
}
}
if UInt32(cryptStatus) == UInt32(kCCSuccess) {
cryptData.count = numBytesEncrypted + ivSize
}
else {
throw AESError.CryptorError(("Encryption failed", Int(cryptStatus)))
}
return cryptData;
}
// The iv is prefixed to the encrypted data
func aesCBCDecrypt(data:Data, keyData:Data) throws -> Data? {
let keyLength = keyData.count
let validKeyLengths = [kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]
if (validKeyLengths.contains(keyLength) == false) {
throw AESError.KeyError(("Invalid key length", keyLength))
}
let ivSize = kCCBlockSizeAES128;
let clearLength = size_t(data.count - ivSize)
var clearData = Data(count:clearLength)
var numBytesDecrypted :size_t = 0
let options = CCOptions(kCCOptionPKCS7Padding)
let cryptStatus = clearData.withUnsafeMutableBytes {cryptBytes in
data.withUnsafeBytes {dataBytes in
keyData.withUnsafeBytes {keyBytes in
CCCrypt(CCOperation(kCCDecrypt),
CCAlgorithm(kCCAlgorithmAES128),
options,
keyBytes, keyLength,
dataBytes,
dataBytes+kCCBlockSizeAES128, clearLength,
cryptBytes, clearLength,
&numBytesDecrypted)
}
}
}
if UInt32(cryptStatus) == UInt32(kCCSuccess) {
clearData.count = numBytesDecrypted
}
else {
throw AESError.CryptorError(("Decryption failed", Int(cryptStatus)))
}
return clearData;
}
Example usage:
let clearData = "clearData0123456".data(using:String.Encoding.utf8)!
let keyData = "keyData890123456".data(using:String.Encoding.utf8)!
print("clearData: (clearData as NSData)")
print("keyData: (keyData as NSData)")
var cryptData :Data?
do {
cryptData = try aesCBCEncrypt(data:clearData, keyData:keyData)
print("cryptData: (cryptData! as NSData)")
}
catch (let status) {
print("Error aesCBCEncrypt: (status)")
}
let decryptData :Data?
do {
let decryptData = try aesCBCDecrypt(data:cryptData!, keyData:keyData)
print("decryptData: (decryptData! as NSData)")
}
catch (let status) {
print("Error aesCBCDecrypt: (status)")
}
Example Output:
clearData: <636c6561 72446174 61303132 33343536>
keyData: <6b657944 61746138 39303132 33343536>
cryptData: <92c57393 f454d959 5a4d158f 6e1cd3e7 77986ee9 b2970f49 2bafcf1a 8ee9d51a bde49c31 d7780256 71837a61 60fa4be0>
decryptData: <636c6561 72446174 61303132 33343536>
Notes:
One typical problem with CBC mode example code is that it leaves the creation and sharing of the random IV to the user. This example includes generation of the IV, prefixed the encrypted data and uses the prefixed IV during decryption. This frees the casual user from the details that are necessary for CBC mode.
For security the encrypted data also should have authentication, this example code does not provide that in order to be small and allow better interoperability for other platforms.
Also missing is key derivation of the key from a password, it is suggested that PBKDF2 be used is text passwords are used as keying material.
For robust production ready multi-platform encryption code see RNCryptor.
这篇关于在 Swift 中使用 CCCrypt (CommonCrypt) 的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
