我在尝试解密服务器发送到我的应用程序的一些 AES 加密数据时遇到了困难。
为了解决问题,我编写了一个小型 java 程序来模拟服务器正在执行的操作。它使用 AES 加密一些测试数据,然后将其编码为 Base64:
AesCipherService cipherService = new AesCipherService();
cipherService.setKeySize(128);
String stringKey = "2EE1F10212ADD4BE";
byte[] keyAsBytes = stringKey.getBytes();
String text = "text to encrypt";
byte[] encryptedBytes = cipherService.encrypt(text.getBytes(), keyAsBytes).getBytes();
String base64String = Base64.encodeToString(encryptedBytes);
System.out.println(base64String);
// Reverse the process to check can retrieve "text to encrypt":
byte[] bytesToDecode = Base64.decode(base64String);
byte[] decryptedBytes = cipherService.decrypt(bytesToDecode, keyAsBytes).getBytes();
String decryptedString = new String(decryptedBytes);
System.out.println(decryptedString);
运行时,输出如下:
R5UBpP30YjX9Ae2HoPb2Rrfi5rQJY2d0ac1+zaIX5A4=
text to encrypt
这样我就可以成功加密数据,并将其打印出来。然后,如果我解密它,就会显示原始文本,所以这里的一切都工作正常。
现在这是我的 Obj-C 代码,我尝试解密从 Java 代码加密的数据。我已从 NetBeans IDE 输出窗口复制/粘贴加密数据作为要解密的 obj-c 内容的源数据:
- (void) decryptData
{
NSData* dataToDecrypt = [[NSData alloc] initWithBase64EncodedString: @"R5UBpP30YjX9Ae2HoPb2Rrfi5rQJY2d0ac1+zaIX5A4=" options: 0];
NSString* key = @"2EE1F10212ADD4BE";
char keyPtr[kCCKeySizeAES128];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [dataToDecrypt length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
keyPtr,
[dataToDecrypt bytes],
dataLength,
buffer,
bufferSize,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
NSLog(@"Success");
NSData* unencryptedData = [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
Byte *unencryptedAsBytes = (Byte*)malloc(unencryptedData.length);
memcpy(unencryptedAsBytes, [unencryptedData bytes], unencryptedData.length);
NSString *decryptedString = [NSString stringWithUTF8String:[unencryptedData bytes]];
NSLog(@"%@", decryptedString);
}
}
运行时,状态为 kCCSuccess,numBytesDecrypted 为 32(与 dataLength 相同),但解密的字符串不是“要加密的文本”,decryptedString 为 nil,如果我在 Xcode 控制台中输入 unencryptedAsBytes,它会显示以下内容:
"\aY|\376\347cD*\320NC\x14\x91C\x88\301\341z\xaca\x11\371
知道这里出了什么问题吗?
最佳答案
Java加密代码生成一个随机IV并用它作为加密的前缀。为了解密,IV 被从加密中分离出来。
十六进制:
key: 32454531463130323132414444344245
iv: 479501A4FDF46235FD01ED87A0F6F646 (first 16 binary bytes of the full encryption)
encrypted: B7E2E6B40963677469CD7ECDA217E40E (rest of binary bytes of the full encryption)
decrypted: 7465787420746F20656E6372797074
Code:
NSData* fullEncrypted = [[NSData alloc] initWithBase64EncodedString: @"R5UBpP30YjX9Ae2HoPb2Rrfi5rQJY2d0ac1+zaIX5A4=" options: 0];
NSData *ivData = [fullEncrypted subdataWithRange:NSMakeRange(0, kCCBlockSizeAES128)];
NSData *encryptedData = [fullEncrypted subdataWithRange:NSMakeRange(kCCBlockSizeAES128, fullEncrypted.length-kCCBlockSizeAES128)];
NSLog(@"ivData: %@", ivData);
NSLog(@"encryptedData: %@", encryptedData);
NSData *keyData = [@"2EE1F10212ADD4BE" dataUsingEncoding:NSUTF8StringEncoding];
NSLog(@"keyData: %@", keyData);
NSMutableData *unencryptedData = [NSMutableData dataWithLength:encryptedData.length];
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding,
keyData.bytes, keyData.length,
ivData.bytes,
encryptedData.bytes, encryptedData.length,
unencryptedData.mutableBytes, unencryptedData.length,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
NSLog(@"Success");
unencryptedData.length = numBytesDecrypted;
NSLog(@"unencryptedData: %@", unencryptedData);
NSString *decryptedString = [[NSString alloc] initWithData:unencryptedData encoding:NSUTF8StringEncoding];
NSLog(@"decryptedString: %@", decryptedString);
}
Output:
ivData: 479501a4 fdf46235 fd01ed87 a0f6f646
encryptedData: b7e2e6b4 09636774 69cd7ecd a217e40e
keyData: 32454531 46313032 31324144 44344245
Success
unencryptedData: 74657874 20746f20 656e6372 79707400
decryptedString: text to encrypt
关于java - 无法使用 Obj-C 解密使用 Java 加密的 AES 数据,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/45109625/