最近,我使用CCCrypt来实现一些自定义的加密算法。但是,当我使用CCCryptorUpdate来解密密文时,输出总是比原始纯文本少8个字节。以下是我的代码:
+ (void) EncryptBy3DES:(NSInputStream*)strmSrc Output:(NSOutputStream*)strmDest CryptoRef:(CCCryptorRef)tdesCrypto
{
size_t dataOutMoved;
uint8_t inputBuf[BlockSize];
uint8_t outputBuf[BlockSize];
CCCryptorStatus cryptStatus;
int iBytesRead = 0;
while ( (iBytesRead = [strmSrc read:inputBuf maxLength:BlockSize]) > 0 )
{
NSLog(@"Bytes read from plain buffer: %d", iBytesRead);
[Util FillBuffer:inputBuf Length:BlockSize Current:iBytesRead];
cryptStatus = CCCryptorUpdate(tdesCrypto, &inputBuf, BlockSize, &outputBuf, BlockSize, &dataOutMoved);
assert(dataOutMoved<=BlockSize && cryptStatus==noErr);
NSLog(@"EncDataOutMoved: %ld", dataOutMoved);
[Util FillBuffer:outputBuf Length:BlockSize Current:dataOutMoved];
[strmDest write:outputBuf maxLength:BlockSize];
}
}
+ (void) DecryptBy3DES:(NSInputStream*)strmSrc Output:(NSOutputStream*)strmDest CryptoRef:(CCCryptorRef)tdesCrypto
{
size_t dataOutMoved;
uint8_t inputBuf[BlockSize];
uint8_t outputBuf[BlockSize+kCCBlockSize3DES];
CCCryptorStatus cryptStatus;
int iBytesRead = 0;
while ( (iBytesRead = [strmSrc read:inputBuf maxLength:BlockSize]) > 0 )
{
NSLog(@"Bytes read from cipher buffer: %d", iBytesRead);
cryptStatus = CCCryptorUpdate(tdesCrypto, &inputBuf, BlockSize, &outputBuf, BlockSize+kCCBlockSize3DES, &dataOutMoved);
NSLog(@"Lengh needed: %zu", CCCryptorGetOutputLength(tdesCrypto, BlockSize, YES));
NSLog(@"DecDataOutMoved: %ld", dataOutMoved);
assert(dataOutMoved<=BlockSize && cryptStatus==noErr);
[strmDest write:outputBuf maxLength:dataOutMoved];
}
}
I encrypted 3 buffer of 4096. When decrypting them, the log shows that the size of 1st decrypted data is 4088, BUT! The missing data is actually in the begining of the 2nd decrypted data.
2012-04-14 15:17:41.929 otest[25168:7803] Bytes read from cipher buffer: 4096
2012-04-14 15:17:41.929 otest[25168:7803] Lengh needed: 4104
2012-04-14 15:17:41.930 otest[25168:7803] DecDataOutMoved: 4088
end of 1st block:<..d71eaf27 affc4c8c b1c54afa c5434397 ebc17a49>
2012-04-14 15:17:45.291 otest[25168:7803] Bytes read from cipher buffer: 4096
2012-04-14 15:17:45.292 otest[25168:7803] Lengh needed: 4104
2012-04-14 15:17:45.293 otest[25168:7803] DecDataOutMoved: 4096
begining of 2nd block <**86b61bce b4342728** 88240a64 837327d4 0bb572a2 f5220928
请注意 86b61bce b4342728 是在加密前的第一个块的末尾。
我还检查了第一个区块的开头,我确信我没有弄乱数据范围。似乎数据已解密,但直到下一个操作才会检索它们。
我想在每个加密/解密操作中得到一个完整的块,但我不想使用函数CCCrypt,因为我必须将Key和Iv位都传递给它。我只想将CCCryptorRef传递给它,这相对简单。
休伯特
答案 0 :(得分:1)
您需要致电CCCryptFinal完成加密和解密。这将负责添加/删除填充。
答案 1 :(得分:1)
我使用CCCrypt函数对DES进行加密。当要加密的数据长度不是8字节的倍数时,会发生错误大小。
所以我按照以下方式处理:
- (NSString *) encryptUseDES:(NSString *)plainText key:(NSString *)key
{
NSString *ciphertext = nil;
const char *textBytes = [plainText UTF8String];
NSUInteger dataLength = [plainText length];
NSUInteger len1=dataLength % 8;
if(len1!=0)
{
dataLength+=(8-len1);
}
unsigned char buffer[1024];
memset(buffer, 0, sizeof(char));
size_t numBytesEncrypted = 0;
Byte iv[] = {0x02, 0x00, 0x01, 0x02, 0x00, 0x06, 0x00, 0x05};
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
NULL,
[key UTF8String], kCCKeySizeDES,
iv,
textBytes, dataLength,
buffer, 1024,
&numBytesEncrypted);
.....
}
然后一切都好!