問題
最近公司寫個項目,遇到的問題,在此記錄一下。後端和安卓端用的都是java,加密過程很順利,iOS端AES加密就沒那麼順利,我加解密後的值和後端不一致,導致無法正確解密。我一度認爲是我的代碼出現了問題,後來和後端一起調試,發現只有AES/CBC這種加密模式和java是兼容的,下面貼出來具體代碼:(已驗證可放心使用)
加密
//(key和iv向量這裏是16位的) 這裏是CBC加密模式,安全性更高
+ (NSString *)encryptAES128CBCData:(NSData *)data key:(NSString *)key gIv:(NSString *)Iv {
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES256+1];
memset(ivPtr, 0, sizeof(ivPtr));
[Iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [data length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[data bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
NSData *mydata = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
NSString* strret = [mydata base64EncodedStringWithOptions:0];
return strret;
}
free(buffer);
return nil;
}
解密
+ (NSString *)decryptAESCBCData:(NSData *)encrptData key:(NSString *)key iv:(NSString *)vector {
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES256+1];
memset(ivPtr, 0, sizeof(ivPtr));
[enVector getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [encrptData length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[encrptData bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
NSData *resultData = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
return [[NSString alloc] initWithData:resultData encoding:NSUTF8StringEncoding];
}
free(buffer);
return nil;
}
如果把參數kCCOptionPKCS7Padding變成kCCOptionECBMode | kCCOptionPKCS7Padding,就是ECB模式,這種模式不需要vector向量,但是和JAVA算出來不一致,如有其他方式,請留言。