AES 128与CBC [英] AES 128 with CBC
问题描述
我在目标C中使用一个简单的AES 128而生气,没有办法在一个简单的测试中获得预期的加密文本。有没有人会告诉我我在做错什么?
I'm going mad with a simple AES 128 in Objective C and there's no way to get the expected ciphered text in a simple test. Could anyone tell me what am I doing wrong?
测试:
- (void)testAES128_1
{
NSString *testVector = @"6bc1bee22e409f96e93d7e117393172a";
NSString *initVector = @"000102030405060708090A0B0C0D0E0F";
NSString *key = @"2b7e151628aed2a6abf7158809cf4f3c";
NSString *expected = @"7649abac8119b246cee98e9b12e9197d";
NSData *inputData = [self dataFromHexString:testVector];
NSData *keyData = [self dataFromHexString:key];
NSData *expectedData = [self dataFromHexString:expected];
NSData *current = [inputData AES128EncryptWithIV:initVector andKey:key];
// What I get in current = cf2ea38a123be20765eb8c5c56caf224 != expected
BOOL res = [inputData isEqualToData:current];
XCTAssertTrue(res);
}
// For Converting incoming HexString into NSData
- (NSData *)dataFromHexString:(NSString *)string
{
NSMutableData *stringData = [[NSMutableData alloc] init];
unsigned char whole_byte;
char byte_chars[3] = {'\0','\0','\0'};
int i;
for (i=0; i < [string length] / 2; i++) {
byte_chars[0] = [string characterAtIndex:i*2];
byte_chars[1] = [string characterAtIndex:i*2+1];
whole_byte = strtol(byte_chars, NULL, 16);
[stringData appendBytes:&whole_byte length:1];
}
return stringData;
}
类别NSData(AES):
- (NSData *)AES128EncryptWithIV:(NSString *)iv andKey:(NSString *)key {
char ivPtr[kCCKeySizeAES128 + 1];
bzero(ivPtr, sizeof(ivPtr));
// fetch iv data
[iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
char keyPtr[kCCKeySizeAES128+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, 0,
keyPtr, kCCKeySizeAES128,
ivPtr /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
我正在使用这些AES测试向量集:
< a href =http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors#aes-cbc-128 =nofollow> http://www.inconteam。 com / software-development / 41-encryption / 55-aes-test-vectors#aes-cbc-128
I am working with these set of AES test vectors: http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors#aes-cbc-128
谢谢
推荐答案
只是你没有将十六进制ASCII码中的iv转换为 NSData 。示例测试向量有一个iv,以便获得使用Initialization向量所需的匹配密文。
Simply you are not converting the iv in hex ascii to an NSData. The example test vector have an iv so to obtain the matching cipher text you need to use the Initialization vector.
注意:行:
BOOL res = [ inputData isEqualToData:current];
应为:
BOOL res = [expectedData isEqualToData:current];
Note: The line: BOOL res = [inputData isEqualToData:current]; should be: BOOL res = [expectedData isEqualToData:current];
注意:如果没有填充,输出块数不大。
Note: The output block count is not larger if there is no padding.
这是我的测试代码:
不需要一个类别,我只是使用方法类方法。
Here is my test code:
No need for a Category, I just make there methods class methods.
+ (void)testAES128_1 {
NSString *testVector = @"6bc1bee22e409f96e93d7e117393172a";
NSString *initVector = @"000102030405060708090A0B0C0D0E0F";
NSString *key = @"2b7e151628aed2a6abf7158809cf4f3c";
NSString *expected = @"7649abac8119b246cee98e9b12e9197d";
NSData *inputData = [self dataFromHexString:testVector];
NSData *keyData = [self dataFromHexString:key];
NSData *ivData = [self dataFromHexString:initVector];
NSData *expectedData = [self dataFromHexString:expected];
NSError *error;
NSData *current = [Test doCipher:inputData
iv:ivData
key:keyData
context:kCCEncrypt
error:&error];
BOOL res = [expectedData isEqualToData:current];
NSLog(@"Match: %@", res ? @"Yes" : @"No"); // Match: Yes
}
+ (NSData *)doCipher:(NSData *)dataIn
iv:(NSData *)iv
key:(NSData *)symmetricKey
context:(CCOperation)encryptOrDecrypt // kCCEncrypt or kCCDecrypt
error:(NSError **)error
{
CCCryptorStatus ccStatus = kCCSuccess;
size_t cryptBytes = 0;
NSMutableData *dataOut = [NSMutableData dataWithLength:dataIn.length + kCCBlockSizeAES128];
ccStatus = CCCrypt( encryptOrDecrypt,
kCCAlgorithmAES128,
0, //kCCOptionPKCS7Padding,
symmetricKey.bytes,
kCCKeySizeAES128,
iv.bytes,
dataIn.bytes,
dataIn.length,
dataOut.mutableBytes,
dataOut.length,
&cryptBytes);
if (ccStatus == kCCSuccess) {
dataOut.length = cryptBytes;
}
else {
if (error) {
*error = [NSError errorWithDomain:@"kEncryptionError"
code:ccStatus
userInfo:nil];
}
dataOut = nil;
}
return dataOut;
}
这篇关于AES 128与CBC的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
