iOS:解密方法在使用A5芯片的设备上崩溃

时间:2015-10-13 14:51:42

标签: ios objective-c encryption

我尝试解密文件,但这种方法在使用A5芯片的设备上失败。 (信号SIGABRT)新设备工作正常。

为什么会这样?

- (void) decryptFile{

unsigned char bookhashChar[kCCKeySizeAES128+1];
NSData *stringBytes = [self.bookhash dataUsingEncoding: NSUTF8StringEncoding]; /* or some other encoding */
if (CC_SHA1([stringBytes bytes], (CC_LONG)[self.bookhash length], bookhashChar)) {
    /* SHA-1 hash has been calculated and stored in 'digest'. */
}
unsigned char idBookChar[CC_SHA1_DIGEST_LENGTH];
NSData *stringBytesForID = [self.book_id dataUsingEncoding: NSUTF8StringEncoding]; /* or some other encoding */
if (CC_SHA1([stringBytesForID bytes], (CC_LONG)[self.book_id length], idBookChar)) {
    /* SHA-1 hash has been calculated and stored in 'digest'. */
}

char resultKey[kCCKeySizeAES128+1];
for (int i = 0; i< kCCKeySizeAES128+1; i++) {
    resultKey[i] = (Byte)(bookhashChar[i] ^ idBookChar[i]);
}


char keyPtr[kCCKeySizeAES128 + 1];
bzero(keyPtr, sizeof(keyPtr));

char ivPtr[kCCKeySizeAES128 + 1];
bzero(ivPtr, sizeof(ivPtr));
char ivv[17] = { 0x00, 0x01, 0x02, 0x03, 0x00, 0x01, 0x02, 0x03, 0x03, 0x00, 0x06, 0x03, 0x07, 0x00, 0x00, 0x01 };

//[iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
//[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];

NSUInteger dataLength = [self.downloadedData length];

size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);

size_t numBytesDecrypted = 0;

CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,resultKey, kCCKeySizeAES128,
                                      ivv /* initialization vector (optional) */,
                                      [self.downloadedData bytes], dataLength, /* input */
                                      buffer, bufferSize, /* output */
                                      &numBytesDecrypted);

if (cryptStatus == kCCSuccess) {
    self.downloadedData = [[NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted] copy];
}

1 个答案:

答案 0 :(得分:1)

一个错误是使用select a.student_id from student_Queue_history as a where a.section_id in (1, 2) and not exists (select b.student_id from student_Queue_history as b where b.student_id = a.student_id and b.Date_entered > a.Date_entered) 作为返回的kCCKeySizeAES128+1大小。不要将值类型AES与SHA1混合。

CCSHA1的摘要大小为CC_SHA1_DIGEST_LENGTH,20个字节 CCSHA1的大小为16个字节。

kCCKeySizeAES128的缓冲区很小。

迟早会有3个字节的覆盖,并且会发生错误操作(可能发生崩溃)。

您可能只需要CCSHA1个字节,但缓冲区必须足够大kCCKeySizeAES128,然后使用所需的字节。

相关问题
最新问题