AES 128兼容性与android和Objective C之间 [英] AES 128 Compatibility between android and Objective C
问题描述
这里是片段:
IOS
- (NSData *)EncryptAES :( NSString *)key {
char keyPtr [kCCKeySizeAES128 + 1];
bzero(keyPtr,sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr)encoding:NSUTF8StringEncoding];
size_t numBytesEncrypted = 0;
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void * buffer = malloc(bufferSize);
const unsigned char iv [] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
CCCryptorStatus result = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCKeySizeAES128,
iv,
[自身字节],[自身长度],
缓冲区,bufferSize,
& numBytesEncrypted);
if(result == kCCSuccess)
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
else {
NSLog(@Failed AES);
}
return nil;
}
然后:
NSString * pass = @WORD_TO_ENCRYPT;
NSString * key = @STRING_KEY;
//加密 - APPROACH 1
NSData * data = [pass dataUsingEncoding:NSUTF8StringEncoding];
NSData * encryptedData = [data EncryptAES:key];
NSString * encryptedBase64 = [self Base64Encode:encryptedData];
NSLog(@%@,encryptedBase64);
这是我的Java功能:
String plainTextKey =STRING_KEY;
String plainText =WORD_TO_ENCRYPT;
//加密jo输入,查询输出,ENCRPYTION_KEY为关键字
// String inputtt =some clear text data;
byte [] input = new byte [0];
String skyKey;
input = plainText.getBytes(utf-8);
MessageDigest md;
md = MessageDigest.getInstance(MD5);
byte [] thedigest = md.digest(plainTextKey.getBytes(UTF-8));
SecretKeySpec skc = new SecretKeySpec(thedigest,AES);
密码密码= Cipher.getInstance(AES);
cipher.init(Cipher.ENCRYPT_MODE,skc);
byte [] cipherText = new byte [cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input,0,input.length,cipherText,0);
ctLength + = cipher.doFinal(cipherText,ctLength);
String encode = Base64.encode(cipherText);
System.out.println(encode);
我不知道我失踪了,我的头撞在墙上。
提前感谢您的帮助!
PS:我没有任何特殊的理由使用AES128-ECB。如果多系统兼容性更简单,我可以使用任何其他算法。
避免使用硬编码的IV进行加密机制,至少在Android上。建议使用随机数生成器,但如果您不能提供随机值,至少从密钥构建IV。
另一方面,如果一切都是从密码派生出来的话,你将不会有很好的安全性;
确保存储加密期间使用的IV,以便您可以正确地将其应用于解密。
byte [] iv = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00,0x00,0x00};
cipher.init(Cipher.ENCRYPT_MODE,skc,new IvParameterSpec(iv));
I have two applications: Android and iOS (Objective-C). And I'm trying to implement and encryption system so I can encrypt on both apps and decrypt in a server application. The problem is that I'm using AES128-ECB but the base64 key that I'm getting from android does not match with my objective c key. I have no idea what I'm missing.
Here are the snippets: IOS
- (NSData*) EncryptAES: (NSString *) key{
char keyPtr[kCCKeySizeAES128+1];
bzero( keyPtr, sizeof(keyPtr) );
[key getCString: keyPtr maxLength: sizeof(keyPtr) encoding:NSUTF8StringEncoding];
size_t numBytesEncrypted = 0;
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
const unsigned char iv[] = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
CCCryptorStatus result = CCCrypt( kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCKeySizeAES128,
iv,
[self bytes], [self length],
buffer, bufferSize,
&numBytesEncrypted );
if( result == kCCSuccess )
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
else {
NSLog(@"Failed AES");
}
return nil;
}
And then:
NSString *pass = @"WORD_TO_ENCRYPT";
NSString *key = @"STRING_KEY";
//Encryption - APPROACH 1
NSData *data = [pass dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedData = [data EncryptAES:key];
NSString* encryptedBase64 = [self Base64Encode:encryptedData];
NSLog(@"%@", encryptedBase64);
This is my Java function:
String plainTextKey = "STRING_KEY";
String plainText = "WORD_TO_ENCRYPT";
// Encrypt where jo is input, and query is output and ENCRPYTION_KEy is key
//String inputtt = "some clear text data";
byte[] input = new byte[0];
String skyKey;
input = plainText.getBytes("utf-8");
MessageDigest md;
md = MessageDigest.getInstance("MD5");
byte[] thedigest = md.digest(plainTextKey.getBytes("UTF-8"));
SecretKeySpec skc = new SecretKeySpec(thedigest, "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, skc);
byte[] cipherText = new byte[cipher.getOutputSize(input.length)];
int ctLength = cipher.update(input, 0, input.length, cipherText, 0);
ctLength += cipher.doFinal(cipherText, ctLength);
String encode = Base64.encode(cipherText);
System.out.println(encode);
I'm banging my head against the wall without knowing what I'm missing. Thanks in advance for your help!
PS: I don't have any particular reason to use AES128-ECB. I can use any other algorithm if the multi system compatibility is simpler.
Avoid using an hardcoded IV for the encryption mechanism, at least on Android. The usage of Random Number Generators is advised, but if you can not provide a random value, at least build the IV from the key.
On the other hand, you won't have good security if everything is derived from the password; you need some randomness in every message.
Make sure to store the IV used during the encryption so you can properly apply it back on the decryption.
byte[] iv = {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
cipher.init(Cipher.ENCRYPT_MODE, skc, new IvParameterSpec(iv));
这篇关于AES 128兼容性与android和Objective C之间的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
