加密8个字节的字符串/base64编码/最大长度20个字节 [英] Encrypt 8 byte string / base64 encode / max length 20 bytes
问题描述
在objective-c中加密和base64编码最大大小为20字节的UTF字符串的最佳方法/方法是什么?由于8字节的块大小,我倾向于Blowfish.
What is the best method/approach to encrypt and base64 encode a UTF String that has a max size of 20 bytes in objective-c? I'm leaning towards Blowfish because of the 8 byte block size.
请提供一些示例代码?谢谢.
Please provide some sample code? Thanks.
推荐答案
是.
DES,3DES和Blowfish的块大小为8字节,因此加密的输出为8字节,Base64编码的8字节将为12字节.
DES, 3DES and Blowfish have block sizes of 8-bytes so the encrypted output will be 8 bytes, Base64 encoding 8-bytes will result in 12 bytes.
AES的块大小为16,因此8字节+填充将为16字节的数据. Base64编码的16个字节将导致24个字节,因此AES无法正常工作.
AES has a block size of 16 so 8-bytes + padding will be 16-bytes of data. Base64 encoding 16-bytes will result in 24-bytes so AES will not work.
还有其他问题,例如CBC模式和iv,好的方案将使用随机iv并将其与加密消息一起传输.可以使用Base64中的其余位来传输部分iv.但这已经超越了问题.
There are other issues such as CBC mode and an iv, a good scheme would use a random iv and transport it with the encrypted message. One could use the remaining bits in the Base64 to transmit a partial iv. But this is getting past the question.
AES是当前首选的对称加密算法.不再建议将DES用于新工作,并且具有一些已知的弱密钥.也不建议使用河豚,但很多人都喜欢河豚,它可能比DES要好.
AES is the current preferred symmetric encryption algorithm. DES is not longer recommended for new work and has some known weak keys. Blowfish is also not recommended but a lot of people like it and it may be better than DES.
下面是一个示例,该示例使用带有64位密钥且没有iv的8字节数据.通过将Blowfish常数替换为3DES和24字节密钥,可以使用3DES.这不是推荐的解决方案,一个好的解决方案需要考虑使用情况,所需的安全性,数据值以及潜在的攻击者,例如iv和key.
Here is an example using 8-byte data with a 64-bit key and no iv. 3DES can be used by substitution of the Blowfish constants for 3DES and a 24-byte key. This is not a recommended solution, a good solution needs to consider usage, desired security, data value and potential attackers among other things such as iv and key.
+ (NSData *)doCipher:(NSData *)dataIn
iv:(NSData *)iv
key:(NSData *)symmetricKey
context:(CCOperation)encryptOrDecrypt
error:(NSError **)error
{
CCCryptorStatus ccStatus = kCCSuccess;
size_t cryptBytes = 0; // Number of bytes moved to buffer.
NSMutableData *dataOut = [NSMutableData dataWithLength:dataIn.length];
ccStatus = CCCrypt( encryptOrDecrypt,
kCCAlgorithmBlowfish,
0,
symmetricKey.bytes,
kCCKeySizeMinBlowfish,
nil,
dataIn.bytes, dataIn.length,
dataOut.mutableBytes, dataOut.length,
&cryptBytes);
if (ccStatus == kCCSuccess) {
dataOut.length = cryptBytes;
}
else {
if (error) {
*error = [NSError errorWithDomain:@"kEncryptionError"
code:ccStatus
userInfo:nil];
}
dataOut = nil;
}
return dataOut;
}
测试:
我将上述方法放到了名为Test
的类中.
Test:
I dropped the above method into a class names Test
.
uint8_t keyBytes[] = {0x11,0x12,0x13,0x14,0x15,0x16,0x17,0x18};
NSData *key = [NSData dataWithBytes:keyBytes length:8];
uint8_t dateBytes[] = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
NSData *data = [NSData dataWithBytes:dateBytes length:8];
NSLog(@"data: %@", data);
NSError *error;
NSData *encryptData = [Test doCipher:data iv:nil key:key context:kCCEncrypt error:&error];
NSString *encryptString = [encryptData base64EncodedStringWithOptions:0];
NSLog(@"encryptData: %@", encryptData);
NSLog(@"encryptString: %@", encryptString);
NSData *decryptData = [Test doCipher:encryptData iv:nil key:key context:kCCDecrypt error:&error];
NSLog(@"decryptData: %@", decryptData);
输出:
data: 01020304 05060708
encryptData: 9e8ec0a8 71ab9d10
encryptString: no7AqHGrnRA=
decryptData 01020304 05060708
这篇关于加密8个字节的字符串/base64编码/最大长度20个字节的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!