我在 perl 中使用以下内容来加密 http:// 响应的正文。
use Crypt::CBC;
my $cipher = Crypt::CBC->new(
-key => 'testpasswordof32Charlength',
-cipher => "Crypt::OpenSSL::AES"
);
print $cipher->encrypt($data);
在 iOS 中,使用以下内容进行解密:
- (NSData *)AES256DecryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer); //free the buffer;
return nil;
}
然后我执行以下操作来调用服务器上的 perl 例程
NSData *receivedData = [NSURLConnection
sendSynchronousRequest:theRequest
returningResponse:&theResponse
error:&theError];
[receivedData AES256DecryptWithKey:@"testpasswordof32Charlength"];
我在 receivedData NSData 中得到了垃圾......知道为什么吗?我可能遗漏了一些简单的东西(解密时不简单)......我确保我在 iOS 上使用 CBC 通过使用kCCOptionPKCS7Padding. 有任何想法吗?
拔掉(我只剩下一点点)头发!