openssl等效于AES256EncryptWithKey方法 [英] openssl equivalent for AES256EncryptWithKey method

问题描述

如何使用命令行openssl获得与以下目标c加密方法相同的结果？

How to get the same result as the following objective-c encrypting method with the command line openssl ?

- (NSData *)AES256EncryptWithKey:(NSString *)key {
    NSData *returnData = nil;

    char keyPtr[kCCKeySizeAES256+1];
    bzero(keyPtr, sizeof(keyPtr));
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];

    NSUInteger dataLength = [self length];
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
                                          kCCAlgorithmAES128,
                                          kCCOptionPKCS7Padding | kCCOptionECBMode,
                                          keyPtr,
                                          kCCBlockSizeAES128,
                                          NULL,
                                          [self bytes],
                                          dataLength,
                                          buffer,
                                          bufferSize,
                                          &numBytesEncrypted);

    if (cryptStatus == kCCSuccess) {
        returnData  = [[NSData alloc] initWithBytes:buffer length:numBytesEncrypted];
    }

    free(buffer);

    return returnData;
}

我尝试了以下的（带和不带-nosalt），但不成功：

I tried the following ones (with and without -nosalt), but unsuccessfully:

openssl aes-256-ecb -nosalt -in original.txt -out encrypted.txt
openssl aes-128-ecb -nosalt -in original.txt -out encrypted.txt

推荐答案

虽然可能，但你不应该。这个ObjC加密代码是非常破碎的。它正在创建密钥不正确，这就是为什么你有OpenSSL（这也创建密钥不好，但更好，以不同的方式）的麻烦。如果您希望ObjC加密模块与OpenSSL兼容，请参阅旨在处理此问题的 RNCryptor 。如果可能，我会避免使用OpenSSL，但目前没有一个简单的命令行替换，我推荐。

While it may be possible, you shouldn't. This ObjC encryption code is very broken. It's creating the key incorrectly, which is why you're having trouble with OpenSSL (which also creates keys poorly, but better, and in a different way). If you want an ObjC encryption module compatible with OpenSSL, see RNCryptor which is designed to handle this problem. If possible, I'd avoid OpenSSL, but there isn't currently a simple commandline replacement that I recommend.

查看RNCryptor的文档，为什么这个ObjC代码被打破，以及OpenSSl的aes加密例程的问题。

See the docs for RNCryptor for why this ObjC code is broken, and also the problems with OpenSSl's aes encryption routines.

这篇关于openssl等效于AES256EncryptWithKey方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！