问题
最近公司写个项目,遇到的问题,在此记录一下。后端和安卓端用的都是java,加密过程很顺利,iOS端AES加密就没那么顺利,我加解密后的值和后端不一致,导致无法正确解密。我一度认为是我的代码出现了问题,后来和后端一起调试,发现只有AES/CBC这种加密模式和java是兼容的,下面贴出来具体代码:(已验证可放心使用)
加密
//(key和iv向量这里是16位的) 这里是CBC加密模式,安全性更高
+ (NSString *)encryptAES128CBCData:(NSData *)data key:(NSString *)key gIv:(NSString *)Iv {
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES256+1];
memset(ivPtr, 0, sizeof(ivPtr));
[Iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [data length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[data bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
NSData *mydata = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
NSString* strret = [mydata base64EncodedStringWithOptions:0];
return strret;
}
free(buffer);
return nil;
}
解密
+ (NSString *)decryptAESCBCData:(NSData *)encrptData key:(NSString *)key iv:(NSString *)vector {
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES256+1];
memset(ivPtr, 0, sizeof(ivPtr));
[enVector getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [encrptData length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[encrptData bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
NSData *resultData = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
return [[NSString alloc] initWithData:resultData encoding:NSUTF8StringEncoding];
}
free(buffer);
return nil;
}
如果把参数kCCOptionPKCS7Padding变成kCCOptionECBMode | kCCOptionPKCS7Padding,就是ECB模式,这种模式不需要vector向量,但是和JAVA算出来不一致,如有其他方式,请留言。