0

我正在程序中进行 AES 加密和解密。我解密时无法获得纯文本。我的代码如下...

- (NSData *)aesEncrypt:(NSString *)key data:(NSData *)data
{  
    // 'key' should be 32 bytes for AES256, will be null-padded otherwise  
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)  
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)   // fetch key data  
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];   
    NSUInteger dataLength = [data length];   
    //See the doc: For block ciphers, the output size will always be less than or equal to the input size plus the size of one block.  //That's why we need to add the size of one block here  
    size_t bufferSize = dataLength + kCCBlockSizeAES128;  
    void *buffer = malloc(bufferSize);   
    size_t numBytesEncrypted = 0;     
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, 
                                          kCCAlgorithmAES128, 
                                          kCCOptionPKCS7Padding,
                                          keyPtr, kCCKeySizeAES256,
                                          NULL /* initialization vector (optional) */,             
                                          [data bytes], 
                                          dataLength, /* input */             
                                          buffer, bufferSize, /* output */             &
                                          numBytesEncrypted);  
    if (cryptStatus == kCCSuccess) 
    {   
        //the returned NSData takes ownership of the buffer and will free it on deallocation   
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];  
    }   
    free(buffer); //free the buffer;  
    return nil; 
} 

- (NSData *)aesDecrypt:(NSString *)key data:(NSData *)data
{  
    // 'key' should be 32 bytes for AES256, will be null-padded otherwise  
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)  
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)   // fetch key data  
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];   
    NSUInteger dataLength = [data length];   
    //See the doc: For block ciphers, the output size will always be less than or equal to the input size plus the size of one block.  //That's why we need to add the size of one block here  
    size_t bufferSize = dataLength + kCCBlockSizeAES128;  
    void *buffer = malloc(bufferSize);   
    size_t numBytesEncrypted = 0;     
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, 
                                          kCCAlgorithmAES128, 
                                          kCCOptionPKCS7Padding,
                                          keyPtr, 
                                          kCCKeySizeAES256,
                                          NULL /* initialization vector (optional) */,             
                                          [data bytes], 
                                          dataLength, /* input */             
                                          buffer, 
                                          bufferSize, /* output */             
                                          &numBytesEncrypted);  
    if (cryptStatus == kCCSuccess) 
    {   
        //the returned NSData takes ownership of the buffer and will free it on deallocation   
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];  
    }   
    free(buffer); //free the buffer;  
    return nil; 
}
4

2 回答 2

1

加密或解密数据时,密钥必须相同。你是怎么调用解密方法的,你能分享一下代码吗?

于 2011-09-20T10:32:15.483 回答
0

您没有指定加密模式。使用 CBC 或 CTR。不要使用ECD,因为它不安全。您正在指定一个空 IV。这可能意味着系统正在提供随机(或零)IV。更好地明确指定 IV,并确保相同的 IV 用于加密和解密。

另一个常见的错误来源是试图将字节视为字符数据(反之亦然)。确保将字节视为字节,将字符视为字符,并且始终知道您正在处理的是哪一个。

于 2011-09-20T10:55:36.717 回答