我正在编写一个需要使用AES加密来加密密码的iPhone应用程序。我发现了许多不同的AES加密示例,但我发现实现的不同,不同的是样本。如果我也控制了解密过程,那也没关系,但我没有 - 我需要将加密的密码发送到.NET API,它将使用.NET代码解密密码。
我在下面包含C#代码。有人能指出我正确的方向,甚至更好,提供一些Objective-C代码来加密NSString,它将使用这个C#代码吗?
我提供的sharedSecret的长度是126个字符,所以我假设这是128位加密。或者sharedSecret应该是128个字符?
public class Crypto
{
private static byte[] _salt = Encoding.ASCII.GetBytes("SALT GOES HERE");
/// <summary>
/// Encrypt the given string using AES. The string can be decrypted using
/// DecryptStringAES(). The sharedSecret parameters must match.
/// </summary>
/// <param name="plainText">The text to encrypt.</param>
/// <param name="sharedSecret">A password used to generate a key for encryption.</param>
public static string EncryptStringAES(string plainText, string sharedSecret)
{
if (string.IsNullOrEmpty(plainText))
throw new ArgumentNullException("plainText");
if (string.IsNullOrEmpty(sharedSecret))
throw new ArgumentNullException("sharedSecret");
string outStr = null; // Encrypted string to return
RijndaelManaged aesAlg = null; // RijndaelManaged object used to encrypt the data.
try
{
// generate the key from the shared secret and the salt
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);
// Create a RijndaelManaged object
aesAlg = new RijndaelManaged();
aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8);
// Create a decrytor to perform the stream transform.
ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
// prepend the IV
msEncrypt.Write(BitConverter.GetBytes(aesAlg.IV.Length), 0, sizeof(int));
msEncrypt.Write(aesAlg.IV, 0, aesAlg.IV.Length);
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
}
}
outStr = Convert.ToBase64String(msEncrypt.ToArray());
}
}
finally
{
// Clear the RijndaelManaged object.
if (aesAlg != null)
aesAlg.Clear();
}
// Return the encrypted bytes from the memory stream.
return outStr;
}
/// <summary>
/// Decrypt the given string. Assumes the string was encrypted using
/// EncryptStringAES(), using an identical sharedSecret.
/// </summary>
/// <param name="cipherText">The text to decrypt.</param>
/// <param name="sharedSecret">A password used to generate a key for decryption.</param>
public static string DecryptStringAES(string cipherText, string sharedSecret)
{
if (string.IsNullOrEmpty(cipherText))
throw new ArgumentNullException("cipherText");
if (string.IsNullOrEmpty(sharedSecret))
throw new ArgumentNullException("sharedSecret");
// Declare the RijndaelManaged object
// used to decrypt the data.
RijndaelManaged aesAlg = null;
// Declare the string used to hold
// the decrypted text.
string plaintext = null;
try
{
// generate the key from the shared secret and the salt
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);
// Create the streams used for decryption.
byte[] bytes = Convert.FromBase64String(cipherText);
using (MemoryStream msDecrypt = new MemoryStream(bytes))
{
// Create a RijndaelManaged object
// with the specified key and IV.
aesAlg = new RijndaelManaged();
aesAlg.Key = key.GetBytes(aesAlg.KeySize / 8);
// Get the initialization vector from the encrypted stream
aesAlg.IV = ReadByteArray(msDecrypt);
// Create a decrytor to perform the stream transform.
ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
using (CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (StreamReader srDecrypt = new StreamReader(csDecrypt))
// Read the decrypted bytes from the decrypting stream
// and place them in a string.
plaintext = srDecrypt.ReadToEnd();
}
}
}
finally
{
// Clear the RijndaelManaged object.
if (aesAlg != null)
aesAlg.Clear();
}
return plaintext;
}
private static byte[] ReadByteArray(Stream s)
{
byte[] rawLength = new byte[sizeof(int)];
if (s.Read(rawLength, 0, rawLength.Length) != rawLength.Length)
{
throw new SystemException("Stream did not contain properly formatted byte array");
}
byte[] buffer = new byte[BitConverter.ToInt32(rawLength, 0)];
if (s.Read(buffer, 0, buffer.Length) != buffer.Length)
{
throw new SystemException("Did not read byte array properly");
}
return buffer;
}
}
答案 0 :(得分:1)
在这种情况下,共享密钥的长度与密钥的位长度无关。您可以在此处看到C#如何使用Rfc2898DeriveBytes来获取密钥:
Rfc2898DeriveBytes key = new Rfc2898DeriveBytes(sharedSecret, _salt);
RFC 2898定义了PKCS5标准(意味着PBKDF2)。根据Microsoft的文档,它看起来默认的迭代计数为1000,因此您可以获得共享密钥,盐和迭代计数。如果将其插入到另一个PBKDF2实现中,该实现将为您提供需要用于加密的原始密钥。
接下来创建一个RijndaelManaged对象(Rijndael在标准化之前是AES的名称)并获取默认密钥大小(以比特为单位除以8来获取字节)。然后它从密钥变量中获取那么多字节。如果您找到此类的默认密钥大小,那么这就是AES密钥的大小。
(顺便说一句,在创建其中一个对象时,文档说明生成了一个随机IV,并且它默认为CBC,所以我们可以从这里开始假设)
接下来它会写出IV的长度,然后是IV本身。
msEncrypt.Write(BitConverter.GetBytes(aesAlg.IV.Length), 0, sizeof(int));
msEncrypt.Write(aesAlg.IV, 0, aesAlg.IV.Length);
毕竟它写了密文并且整个blob已经完成。
在解密方面,反向大致相同。首先它导出密钥,然后它抓取整个加密的blob并将其提供给ReadByteArray,后者提取IV。然后它使用密钥+ IV解密。
考虑到样本加密的blob和共享密钥,在Objective-C中实现它应该不会太难!
答案 1 :(得分:0)
如果你发送密码 - 你做错了。
永远不要以加密形式发送密码,这是一个安全漏洞:您必须维护客户端和服务器以使用最新的加密/解密库。您必须确保密钥不受损害,您需要不时更新密钥,因此将其传输到服务器和客户端。您必须为不同的密码使用不同的密钥。您必须确保服务器是安全且不受损害的,您需要知道您实际上是在与服务器等通信等。
相反,创建密码的强加密哈希(单向函数)并通过安全通道发送。这也意味着在服务器端你永远不会存储密码。