加密和解密iOS / Node.js安全查询 [英] Encrypt and Decrypt iOS/Node.js Security Inquiry

问题描述

我目前在两个平台上都使用AES128，而我的代码来自此答案


注意：我改变了代码，以偏离使用IV，因为我认为这是为了我的应用程序的目的是过度的。



node.js：

I'm currently using AES128 on both platforms and my code from this answer
Note: I changed the code a bit to deviate from using an IV because I thought it was overkill for the purpose of my application.

node.js:

    var CryptoJS = require("crypto-js");
    var crypto = require('crypto');
    var password = "1234567890123456";
    var salt = "gettingsaltyfoo!";
    var hash = CryptoJS.SHA256(salt);
    var key = CryptoJS.PBKDF2(password, hash, { keySize: 256/32, iterations: 1000 });
    var algorithm = 'aes128';
    console.log(key.toString(CryptoJS.enc.Base64));

function encrypt(text){
  var cipher = crypto.createCipher(algorithm,key.toString(CryptoJS.enc.Base64));
  var crypted = cipher.update(text,'utf8','hex');
  crypted += cipher.final('hex');
  return crypted;
}

function decrypt(text){
  var decipher = crypto.createDecipher(algorithm,key.toString(CryptoJS.enc.Base64));
  var dec = decipher.update(text,'hex','utf8');
  dec += decipher.final('utf8');
  return dec;
}

iOS：

iOS:

        #import <CommonCrypto/CommonCrypto.h>
NSString* password = @"1234567890123456";
NSString* salt = @"gettingsaltyfoo!";
-(NSString *)decrypt:(NSString*)encrypted64{

    NSMutableData* hash = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
    NSMutableData* key = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
    CC_SHA256(salt.UTF8String, (CC_LONG)strlen(salt.UTF8String), hash.mutableBytes);
    CCKeyDerivationPBKDF(kCCPBKDF2, password.UTF8String, strlen(password.UTF8String), hash.bytes, hash.length, kCCPRFHmacAlgSHA1, 1000, key.mutableBytes, key.length);
    NSLog(@"Hash : %@",[hash base64EncodedStringWithOptions:0]);
    NSLog(@"Key : %@",[key base64EncodedStringWithOptions:0]);


    NSData* encryptedWithout64 = [[NSData alloc] initWithBase64EncodedString:encrypted64 options:0];
    NSMutableData* decrypted = [NSMutableData dataWithLength:encryptedWithout64.length + kCCBlockSizeAES128];
    size_t bytesDecrypted = 0;
    CCCrypt(kCCDecrypt,
            kCCAlgorithmAES128,
            kCCOptionPKCS7Padding,
            key.bytes,
            key.length,
            NULL,
            encryptedWithout64.bytes, encryptedWithout64.length,
            decrypted.mutableBytes, decrypted.length, &bytesDecrypted);
    NSData* outputMessage = [NSMutableData dataWithBytes:decrypted.mutableBytes length:bytesDecrypted];
    NSString* outputString = [[NSString alloc] initWithData:outputMessage encoding:NSUTF8StringEncoding];
    NSLog(@"Decrypted : %@",outputString);


    return outputString;
}
-(NSString *)encrypt:(NSString *)toEncrypt{
    NSMutableData* hash = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
    NSMutableData* key = [NSMutableData dataWithLength:CC_SHA256_DIGEST_LENGTH];
    CC_SHA256(salt.UTF8String, (CC_LONG)strlen(salt.UTF8String), hash.mutableBytes);
    CCKeyDerivationPBKDF(kCCPBKDF2, password.UTF8String, strlen(password.UTF8String), hash.bytes, hash.length, kCCPRFHmacAlgSHA1, 1000, key.mutableBytes, key.length);

    NSData* message = [toEncrypt dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData* encrypted = [NSMutableData dataWithLength:message.length + kCCBlockSizeAES128];
    size_t bytesEncrypted = 0;
    CCCrypt(kCCEncrypt,
            kCCAlgorithmAES128,
            kCCOptionPKCS7Padding,
            key.bytes,
            key.length,
            NULL,
            message.bytes, message.length,
            encrypted.mutableBytes, encrypted.length, &bytesEncrypted);
    NSString* encrypted64 = [[NSMutableData dataWithBytes:encrypted.mutableBytes length:bytesEncrypted] base64EncodedStringWithOptions:0];
    NSLog(@"Encrypted : %@",encrypted64);
    return encrypted64;
}

我的问题：盐这样吗？我正在尝试加密和解密密码（var密码和NSString密码可能会被硬编码到某些东西）。我已经在线阅读了，我需要用我的密码保存在我的数据库中。如果我对我的盐进行硬编码是不行的，我该如何将它从iOS发送到node.js并与盐一致？我的iOS请求应该是这样吗？

MY QUESTION: Is it okay if I hardcode the salt like this? I'm trying to encrypt and decrypt the password (the var password and NSString password will probably be hardcoded into something). I've read online that I need to keep my salt with my password in my db. If it's not okay if I hardcode my salt, how do I send it from iOS to node.js and be consistent with the salt? Should my iOS request look like this?

{
key:"someKeyGeneratedOnTheSpotWithRandomSalt",
password:"somePasswordGeneratedFromKey"
}

并在后端通过从数据库中拉取这些字段来检查密码

and in my backend check the password by pulling these fields from the database?

{
key:"someKeyGeneratedWhenTheUserFirstSignedUp",
password:"somePasswordGeneratedFromTheOrginalKeyWhenUserFirstSignedUp"
}

然后使用从两种情况生成的密钥和密码解密两个密码？

And then decrypt both passwords using the key and password generated from both scenarios?

或者使用硬编码的盐，说用户名，这样一来，每个用户的密钥总是相同的？

OR is it okay to have a hardcoded salt, say the username, so that way the key is always the same per user?

基本上我对我的加密模型是否有正确的想法感到困惑。

Basically I'm confused on whether or not I have the right idea for my encryption model.

感谢任何帮助。

推荐答案

通常使用随机盐并将其加密到加密数据中。所有这些也是常见的，所有这些都预先加上PBKDF2迭代计数以及版本号，有助于将来打样。最后，跳过一个iv可以减少第一个块的保护，你可以考虑一个认证散列​​。

Typically a random salt is used and prepended to the encrypted data. It is also common to all prepend the PBKDF2 iteration count along with a version number helps for future-proofing. Finally, skipping an iv reduces the protection of the first block and you might consider an authentication hash.

这与RNCryptor做的类似。请参阅 RNCryptor-Spec-v3.md 加密消息的细节。

This is similar to what RNCryptor does. See RNCryptor-Spec-v3.md for a detail of a encrypted message.

注意：

我不明白盐的CC_SHA256，这不是必要的。

Notes:
I don't understand CC_SHA256 of the salt, that shouldn't be necessary.

NSData * outputMessage = [NSMutableData dataWithBytes：decryptpted.mutableBytes
length：bytesDecrypted];

是不必要的，只需设置解密长度

decryptpted.length = bytesDecrypted;

并使用解密代替 outputMessage 。

这篇关于加密和解密iOS / Node.js安全查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！