AES 128与CBC [英] AES 128 with CBC
问题描述
我在目标C中使用一个简单的AES 128而生气,没有办法在一个简单的测试中获得预期的加密文本。有没有人会告诉我我在做错什么?
I'm going mad with a simple AES 128 in Objective C and there's no way to get the expected ciphered text in a simple test. Could anyone tell me what am I doing wrong?
测试:
- (void)testAES128_1
{
NSString *testVector = @"6bc1bee22e409f96e93d7e117393172a";
NSString *initVector = @"000102030405060708090A0B0C0D0E0F";
NSString *key = @"2b7e151628aed2a6abf7158809cf4f3c";
NSString *expected = @"7649abac8119b246cee98e9b12e9197d";
NSData *inputData = [self dataFromHexString:testVector];
NSData *keyData = [self dataFromHexString:key];
NSData *expectedData = [self dataFromHexString:expected];
NSData *current = [inputData AES128EncryptWithIV:initVector andKey:key];
// What I get in current = cf2ea38a123be20765eb8c5c56caf224 != expected
BOOL res = [inputData isEqualToData:current];
XCTAssertTrue(res);
}
// For Converting incoming HexString into NSData
- (NSData *)dataFromHexString:(NSString *)string
{
NSMutableData *stringData = [[NSMutableData alloc] init];
unsigned char whole_byte;
char byte_chars[3] = {'\0','\0','\0'};
int i;
for (i=0; i < [string length] / 2; i++) {
byte_chars[0] = [string characterAtIndex:i*2];
byte_chars[1] = [string characterAtIndex:i*2+1];
whole_byte = strtol(byte_chars, NULL, 16);
[stringData appendBytes:&whole_byte length:1];
}
return stringData;
}
类别NSData(AES):
- (NSData *)AES128EncryptWithIV:(NSString *)iv andKey:(NSString *)key {
char ivPtr[kCCKeySizeAES128 + 1];
bzero(ivPtr, sizeof(ivPtr));
// fetch iv data
[iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
char keyPtr[kCCKeySizeAES128+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, 0,
keyPtr, kCCKeySizeAES128,
ivPtr /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
我正在使用这些AES测试向量集:
< a href =http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors#aes-cbc-128 =nofollow> http://www.inconteam。 com / software-development / 41-encryption / 55-aes-test-vectors#aes-cbc-128
I am working with these set of AES test vectors: http://www.inconteam.com/software-development/41-encryption/55-aes-test-vectors#aes-cbc-128
谢谢
推荐答案
只是你没有将十六进制ASCII码中的iv转换为 NSData
。示例测试向量有一个iv,以便获得使用Initialization向量所需的匹配密文。
Simply you are not converting the iv in hex ascii to an NSData
. The example test vector have an iv so to obtain the matching cipher text you need to use the Initialization vector.
注意:行:
BOOL res = [ inputData isEqualToData:current];
应为:
BOOL res = [expectedData isEqualToData:current];
Note: The line: BOOL res = [inputData isEqualToData:current]; should be: BOOL res = [expectedData isEqualToData:current];
注意:如果没有填充,输出块数不大。
Note: The output block count is not larger if there is no padding.
这是我的测试代码:
不需要一个类别,我只是使用方法类方法。
Here is my test code:
No need for a Category, I just make there methods class methods.
+ (void)testAES128_1 {
NSString *testVector = @"6bc1bee22e409f96e93d7e117393172a";
NSString *initVector = @"000102030405060708090A0B0C0D0E0F";
NSString *key = @"2b7e151628aed2a6abf7158809cf4f3c";
NSString *expected = @"7649abac8119b246cee98e9b12e9197d";
NSData *inputData = [self dataFromHexString:testVector];
NSData *keyData = [self dataFromHexString:key];
NSData *ivData = [self dataFromHexString:initVector];
NSData *expectedData = [self dataFromHexString:expected];
NSError *error;
NSData *current = [Test doCipher:inputData
iv:ivData
key:keyData
context:kCCEncrypt
error:&error];
BOOL res = [expectedData isEqualToData:current];
NSLog(@"Match: %@", res ? @"Yes" : @"No"); // Match: Yes
}
+ (NSData *)doCipher:(NSData *)dataIn
iv:(NSData *)iv
key:(NSData *)symmetricKey
context:(CCOperation)encryptOrDecrypt // kCCEncrypt or kCCDecrypt
error:(NSError **)error
{
CCCryptorStatus ccStatus = kCCSuccess;
size_t cryptBytes = 0;
NSMutableData *dataOut = [NSMutableData dataWithLength:dataIn.length + kCCBlockSizeAES128];
ccStatus = CCCrypt( encryptOrDecrypt,
kCCAlgorithmAES128,
0, //kCCOptionPKCS7Padding,
symmetricKey.bytes,
kCCKeySizeAES128,
iv.bytes,
dataIn.bytes,
dataIn.length,
dataOut.mutableBytes,
dataOut.length,
&cryptBytes);
if (ccStatus == kCCSuccess) {
dataOut.length = cryptBytes;
}
else {
if (error) {
*error = [NSError errorWithDomain:@"kEncryptionError"
code:ccStatus
userInfo:nil];
}
dataOut = nil;
}
return dataOut;
}
这篇关于AES 128与CBC的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!