.NET中的CryptoStream不会从objective-C解密加密文件 [英] CryptoStream in .NET does not decrypt encrypted file from objective-C
问题描述
我在 .NET和Objective-C apps 之间实现兼容的二进制文件加密/解密。我在 Objective-C 端使用 RNCryptor 就我到达,我能够加密/解密字符串,但文件加密困扰我。问题是,当我读取文件并加密其数据并将其写入文件时,它不会在 .NET应用程序中解密。如果我计算Base64字符串的加密数据和解密,在.NET - 从Base64字符串创建字节数组,并解密与文件相同的登录,它解密。
在 Objective C和.NET CryptoStream ? p>
还是我缺少基本的东西?
目标C中加密文件的代码是: -
RNEncryptor * encryptor = [[RNEncryptor alloc] initWithSettings:kRNCryptorAES256Settings
password:password
handler:^(RNCryptor * cryptor,NSData * data){
@autoreleasepool
{
NSLog(@6 out of out data%d ,[data length]);
[encodedText appendString:[data base64EncodingWithLineLength:0]];
[outputStream write:data.bytes maxLength:data.length];
dispatch_semaphore_signal(semaphore);
data = nil;
if(cryptor.isFinished)
{
[outputStream close];
NSLog(@my encryptedText%@,encodedText);
encryptionError = cryptor.error;
//调用我的委托,我完成解密
}
}
}];
encryptor.filesize = [attrs fileSize];
while(inputStream.hasBytesAvailable)
{
@autoreleasepool
{
uint8_t buf [blockSize];
NSUInteger bytesRead = [inputStream read:buf maxLength:blockSize];
if(bytesRead> 0)
{
NSData * data = [NSData dataWithBytes:buf length:bytesRead];
}
total = total + bytesRead;
[encryptor addData:data];
dispatch_semaphore_wait(semaphore,DISPATCH_TIME_FOREVER);
}
}
}
[inputStream close];
[encryptor finish];
dispatch_semaphore_wait(semaphore,DISPATCH_TIME_FOREVER);
}
解密
[encodedText appendString:[data base64EncodingWithLineLength:0]];
始终有效,但文件不会解密。
更新:
RNEncryptor实际上是一个高级加密api为做正确的,而它有一个adhoc密文格式它是类型的结构。要匹配你的dotnet代码与adhoc格式,你必须使用 RNCryptor keyForPassword:salt:settings:与 RNCryptorKeyDerivationSettings 匹配你的Rfc2898DeriveBytes。例如:
{
.keySize = kCCKeySizeAES256,
.saltSize = 16,
.PBKDFAlgorithm = kCCPBKDF2,
.PRF = kCCPRFHmacAlgSHA1,
.rounds = 1000
}
b $ b
并使用 RNCryptorEngine 进行您的aes加密,并布局与您的adhoc .net格式匹配的密文。
| IV(16字节)|密码盐(16字节)|密文|
这是假设明文已经是正确的格式了
|消息长度(8字节)|某种类型的const标签(8字节)|消息| sha256消息哈希(32字节)|
您可能只想使用iOS的内置 CCCryptor 直接在这一点,而不是RNCryptor如果你需要使用纯文本格式(我猜你做)。
咨询: strong>
对于遇到这个问题的其他人,有与海报的.net密文结构的安全问题,不使用它。 p>
上一个答案:
RNCryptor执行验证加密。
它实际上应该与我的代码兼容:
对称认证加密的现代示例string(C#)
然后解密,使用RNEncryptor生成的内容:
var plainText = AESThanHmac.SimpleDecryptWithPassword(encryptedMessage,password,nonSecretPayloadLength:2);
nonSecretPayloadLength 为2,它将跳过 RNEncryptor标头的版本/选项。
I am implementing compatible binary file encryption/decryption between .NET and Objective-C apps. I am using RNCryptor package on Objective-C side. As far as I reached, I am able to encrypt/decrypt strings, but file encryption is troubling me. The problem is, when I read file and encrypt its data and write it to a file, it doesn't decrypt in .NET app. If I calculate Base64 string of encrpted data and decrypt that in .NET - creating byte array from Base64 string and decrypt with same login as of file, it decrypts.
Is there any difference between writing encrypted data to file in Objective C and .NETCryptoStream?
Or am I missing something basic? Code for encrypting file in objective C is :-
RNEncryptor *encryptor = [[RNEncryptor alloc] initWithSettings:kRNCryptorAES256Settings
password:password
handler:^(RNCryptor *cryptor, NSData *data) {
@autoreleasepool
{
NSLog(@"6length of out data %d",[data length]);
[encodedText appendString:[data base64EncodingWithLineLength:0]];
[outputStream write:data.bytes maxLength:data.length];
dispatch_semaphore_signal(semaphore);
data = nil;
if (cryptor.isFinished)
{
[outputStream close];
NSLog(@"my encryptedText %@",encodedText);
encryptionError = cryptor.error;
// call my delegate that I'm finished with decrypting
}
}
}];
encryptor.filesize=[attrs fileSize];
while (inputStream.hasBytesAvailable)
{
@autoreleasepool
{
uint8_t buf[blockSize];
NSUInteger bytesRead = [inputStream read:buf maxLength:blockSize];
if (bytesRead > 0)
{
NSData *data = [NSData dataWithBytes:buf length:bytesRead];
}
total = total + bytesRead;
[encryptor addData:data];
dispatch_semaphore_wait(semaphore, DISPATCH_TIME_FOREVER);
}
}
}
[inputStream close];
[encryptor finish];
dispatch_semaphore_wait(semaphore, DISPATCH_TIME_FOREVER);
}
Decrypting
[encodedText appendString:[data base64EncodingWithLineLength:0]];
always works but file doesn't decrypt.
Update:
RNEncryptor actually is a high level encryption api for doing aes right, while it has an adhoc ciphertext format it is the typcial construction. To match your dotnet code with it's on adhoc format, you will have to use RNCryptor keyForPassword:salt:settings: with RNCryptorKeyDerivationSettings matching your Rfc2898DeriveBytes. Such as:
{
.keySize = kCCKeySizeAES256,
.saltSize = 16,
.PBKDFAlgorithm = kCCPBKDF2,
.PRF = kCCPRFHmacAlgSHA1,
.rounds = 1000
}
And use RNCryptorEngine for your aes encryption, and layout the ciphertext matching your adhoc .net format.
| IV (16 bytes) | Password Salt (16 bytes) | Ciphertext |
This is assuming the plaintext is already in the right format too
| message length (8 bytes) | const tag of some sort (8 bytes) | message | sha256 hash of message (32 bytes) |
You may just want to use iOS's built-in CCCryptor directly at this point rather than RNCryptor if you need to make the plaintext format too (i'm guessing you do).
Advisory:
for the benefit of others who come across this question, there are security issues with the with the poster's .net ciphertext construction, don't use it.
Previous Answer:
RNCryptor does authenticated encryption.
It should actually be compatible with my code from: Modern Examples of Symmetric Authenticated Encryption of a string (C#)
Then to decrypt, what was produced with RNEncryptor, use:
var plainText = AESThanHmac.SimpleDecryptWithPassword(encryptedMessage, password, nonSecretPayloadLength: 2);
The nonSecretPayloadLength is to 2, so that it will skip the RNEncryptor Header's version/option.
这篇关于.NET中的CryptoStream不会从objective-C解密加密文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
