AES Rijndael在PHP服务器和iOS上生成有时不同的密码 [英] AES Rijndael on PHP server and iOS generates sometimes different ciphers
问题描述
我正在使用Jim Dovey的NSData + AESCrypt类别,由Michael Sedlaczek(2011-02-22)提供的NSString + AESCrypt。
I'm using NSData+AESCrypt category by Jim Dovey and NSString+AESCrypt by Michael Sedlaczek (2011-02-22).
在PHP上我有一个简单的脚本:
And on PHP I have a simple script:
<?php
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$key = '01234567890123456789012345678901';
$plaintext = "myworda";
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_ECB);
$base64encoded_ciphertext = base64_encode($ciphertext);
echo "ciphertext: ".$base64encoded_ciphertext."<br/>";
?>
在ObjC中:
NSString *key = @"01234567890123456789012345678901";
NSString *plaintext = [@"+l56Ia4yyK19D2x2+oCXuw==" AES256DecryptWithKey: key];
NSLog(@"plaintext: %@", plaintext);
我在PHP中更改变量$ plaintext,运行脚本,并将输出密码复制并粘贴到目标c解密它。
I change the variable $plaintext in PHP, run script and copy and paste the output-cipher to the Objective-c to decrypt it.
And:
-
我的话给了我+ l56Ia4yyK19D2x2 + oCXuw ==,我解密并在iOS上获得myword[OK]
"myword" gives me "+l56Ia4yyK19D2x2+oCXuw==" and I decrypt in and get "myword" on iOS [OK]
早安给了我5UdImsV1pQs60ovXmH74HQ ==,我在iOS上解密并获得早安[OK]
"good morning" gives me "5UdImsV1pQs60ovXmH74HQ==" and I decrypt in and get "good morning" on iOS [OK]
为什么#5失败了如果我尝试使用Xcode加密非常非常非常长的文本,我得到kl / ThEyuyUMmKSqU4 / fJS90UZoJ73S4gox2uCoWoIL8 =注意:
kl / ThEyuyUMmKSqU4 / fJS == kl / ThEyuyUMmKSqU4 / fJS
zzJOyvsXrGRt5 / zsnqjQww!= 90UZoJ73S4gox2uCoWoIL8 =
Why #5 fails? If I try to encrypt "very very very very long text" using Xcode, I get "kl/ThEyuyUMmKSqU4/fJS90UZoJ73S4gox2uCoWoIL8=" notice that: kl/ThEyuyUMmKSqU4/fJS == kl/ThEyuyUMmKSqU4/fJS zzJOyvsXrGRt5/zsnqjQww != 90UZoJ73S4gox2uCoWoIL8=
但是进一步,Xcode上加密早安给了我hVq1AuR8PAXSOztK26pmMw ==,而PHP给了5UdImsV1pQs60ovXmH74HQ ==,但是
But going further, encrypting "good morning" on Xcode gives me "hVq1AuR8PAXSOztK26pmMw==", while PHP gave "5UdImsV1pQs60ovXmH74HQ==", but Xcode decrypts both to "good morning" using the same key.
请帮助。
推荐答案
您的PHP代码正在使用ECB模式。我看不到您在ObjC中设置模式。大概你使用的是默认模式。可能的是,ObjC默认模式不是ECB,更可能是CBC。还要注意,每当你的明文是16字节或更少(这是一个或更少),解密就可以工作。当它大于16字节(即它扩展到第二个块)时,它将失败。
Your PHP code is using ECB mode. I cannot see where you are setting the mode in ObjC. Presumably you are using its default mode. It is possible that the ObjC default mode is not ECB, more likely CBC. Also notice that whenever your plaintext is 16 bytes or less (that is one block or less) the decryption works. When it is greater than 16 bytes (that is it extends into a second block) it fails.
我怀疑ObjC默认是CBC模式,零为零。这将仅仅是第一个块的ECB,对于第二个和后续的块是不同的。
I suspect that the ObjC default is CBC mode with a zero IV. That will act as if it is ECB for the first block only, and differ for the second and subsequent blocks.
ECB模式是不安全的,并泄漏信息。使用指定的IV代替CBC模式。至少更改您的PHP代码以使用CBC模式而不是ECB模式。
ECB mode is unsafe and leaks information. Use CBC mode with a specified IV instead. At the very least change your PHP code to use CBC mode instead of ECB mode.
这篇关于AES Rijndael在PHP服务器和iOS上生成有时不同的密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
