ios - 在 objective-c 中生成初始化向量

标签 ios objective-c encryption

java代码是

Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding");

byte[] ivBytes = new byte[c.getBlockSize()];
String IV = CryptoUtils.hexEncode(ivBytes);

它给出随机的 16 字节响应,如

563ffcecaa43753bd09613095ad24a12.

如何将相应的代码写入objective c?

我有一些 Objective-C 代码 -

 - (NSData *)createCipher:(NSString*)data WithKey:(NSString*)key {
 NSData* result = nil;

 // setup key
 unsigned char cKey[kCCKeySizeAES256]; // room for terminator (unused)
 bzero(cKey, sizeof(cKey)); // fill with zeroes (for padding)
 [key getBytes:cKey length:kCCKeySizeAES256];

 // setup iv
 char cIv[kCCBlockSizeAES128];
 bzero(cIv, kCCBlockSizeAES128);
 if (iv) {
 [iv getBytes:cIv length:kCCBlockSizeAES128];
 }

 // setup output buffer
 size_t bufferSize = [data length] + kCCBlockSizeAES128;
 void *buffer = malloc(bufferSize);

 // do encrypt
 size_t encryptedSize = 0;
 CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, //CCOperation op
 kCCAlgorithmAES128, //CCAlgorithm alg
 kCCOptionPKCS7Padding, //CCOptions
 cKey, //const void *key
 kCCKeySizeAES256, //size_t keyLength
 cIv, // optional initialization vector
 [data bytes], // optional per op and alg
 [data length],
 buffer, // data RETURNED here
 bufferSize,
 &encryptedSize);


 if (cryptStatus == kCCSuccess) {
 result = [NSData dataWithBytesNoCopy:buffer length:encryptedSize];
 } else {
 free(buffer);
 NSLog(@"[ERROR] failed to encrypt|CCCryptoStatus: %d", cryptStatus);
 }

 return result;
 }

但是这段代码是用来加密数据的,现在如何生成IV呢?

最佳答案

只为 IV 生成随机字节:

int             ivLength   = kCCBlockSizeAES128;
NSMutableData  *ivData = [NSMutableData dataWithLength:kCCBlockSizeAES128];
SecRandomCopyBytes(kSecRandomDefault, ivLength, ivData.mutableBytes);

这将产生适合 CCCrypt 的数据,只需使用 ivData.bytes

ivData 的使用示例:

ccStatus = CCCrypt(
                   ...
                   ivData.bytes,
                   ...
                  );

在加密时生成随机 IV 并将其作为前缀传递给加密数据以进行解密的完整示例:

+ (NSData *)aesCBCEncrypt:(NSData *)data
                         key:(NSData *)key
                       error:(NSError **)error
{
    if (key.length != 16 && key.length != 24 && key.length != 32) {
        *error = [NSError errorWithDomain:@"keyLengthError" code:-1 userInfo:nil];
        return nil;
    }

    CCCryptorStatus ccStatus   = kCCSuccess;
    int             ivLength   = kCCBlockSizeAES128;
    size_t          cryptBytes = 0;
    NSMutableData  *dataOut     = [NSMutableData dataWithLength:ivLength + data.length + kCCBlockSizeAES128];

    int status = SecRandomCopyBytes(kSecRandomDefault, ivLength, dataOut.mutableBytes);
    if (status != 0) {
        *error = [NSError errorWithDomain:@"ivError" code:status userInfo:nil];
        return nil;
    }
    ccStatus = CCCrypt(kCCEncrypt,
                       kCCAlgorithmAES,
                       kCCOptionPKCS7Padding,
                       key.bytes, key.length,
                       dataOut.bytes,
                       data.bytes, data.length,
                       dataOut.mutableBytes + ivLength, dataOut.length,
                       &cryptBytes);

    if (ccStatus == kCCSuccess) {
        dataOut.length = cryptBytes + ivLength;
    }
    else {
        if (error) {
            *error = [NSError errorWithDomain:@"kEncryptionError" code:ccStatus userInfo:nil];
        }
        dataOut = nil;
    }

    return dataOut;
}

+ (NSData *)aesCBCDecrypt:(NSData *)data
                         key:(NSData *)key
                       error:(NSError **)error
{
    if (key.length != 16 && key.length != 24 && key.length != 32) {
        *error = [NSError errorWithDomain:@"keyLengthError" code:-1 userInfo:nil];
        return nil;
    }

    CCCryptorStatus ccStatus   = kCCSuccess;
    int             ivLength   = kCCBlockSizeAES128;
    size_t          clearBytes = 0;
    NSMutableData *dataOut     = [NSMutableData dataWithLength:data.length - ivLength];

    ccStatus = CCCrypt(kCCDecrypt,
                       kCCAlgorithmAES,
                       kCCOptionPKCS7Padding,
                       key.bytes, key.length,
                       data.bytes,
                       data.bytes + ivLength, data.length - ivLength,
                       dataOut.mutableBytes, dataOut.length,
                       &clearBytes);

    if (ccStatus == kCCSuccess) {
        dataOut.length = clearBytes;
    }
    else {
        if (error) {
            *error = [NSError errorWithDomain:@"kEncryptionError" code:ccStatus userInfo:nil];
        }
        dataOut = nil;
    }

    return dataOut;
}

测试:

NSError *error;
NSData *key   = [@"Bad example key " dataUsingEncoding:NSUTF8StringEncoding];
NSData *clear = [@"Test Input"       dataUsingEncoding:NSUTF8StringEncoding];

NSData *encrypted = [Crypto aesCBCEncrypt:clear
                                         key:key
                                       error:&error];

NSData *decrypted = [Crypto aesCBCDecrypt:encrypted
                                         key:key
                                       error:&error];

NSLog(@"key:       %@", key);
NSLog(@"clear:     %@", clear);
NSLog(@"encrypted: %@", encrypted);
NSLog(@"decrypted: %@", decrypted);

输出:

key:       42616420 6578616d 706c6520 6b657920
clear:     54657374 20496e70 7574
encrypted: 44f02b5e 40bf5031 01cc55fd cad80a77 790b9d05 5a6c8de7 6c949191 d3ba57de
decrypted: 54657374 20496e70 7574

关于ios - 在 objective-c 中生成初始化向量,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46221794/

上一篇:ios - 无法完全隐藏 UIView

下一篇:ios - Mac 上的 Visual Studio for mac 是否与 Unity (IDE) 配合良好?

相关文章:

iOS:UIScrollView 检测滑动手势

ios - 在 iOS7 中弃用 : AudioSessionSetProperty

iphone - Iphone自定义Mapkit注释图像

android - android中视频文件的加密与解密

encryption - 如何加密某些东西以便可以使用三个 key 中的任意两个解密?

iphone - iPhone 中的 Web SQL 存储

ios - Realm:在编写新对象时,如何避免为关系创建对象?

ios - 从 UITableView 播放视频

ios - 从自定义方法设置 UILabel 的文本

encryption - 为什么秀尔算法只在量子计算机中有效?

©2024 IT工具网  联系我们