iOS和Android中的PBEWithMD5AndDES

时间:2014-06-12 16:19:23

标签: java android ios objective-c openssl

我使用PBEWithMD5AndDES算法编写了很多由Java编码的字符串。 现在我将代码移植到Objective-C中。但我无法正确解密数据。 我正在使用写成here的所有代码。 我在Java中使用这些函数来加密/解密数据:

@Override
protected void onCreate(Bundle savedInstanceState) {
    // TODO Auto-generated method stub
    super.onCreate(savedInstanceState);
    setContentView(R.layout.amain);

    try {
        viewKey();
    } catch (Exception e) {
        // TODO Auto-generated catch block
        e.printStackTrace();
        Log.d("checkingthevalue",e.toString());
    }
}

 private void viewKey() {
        // TODO Auto-generated method stub
         String pass = "password";
         String testStr = "TheSecretString";
         final byte[] SALT = {
                (byte) 0xaa, (byte) 0xaa, (byte) 0xce, (byte) 0xce,
                (byte) 0xaa, (byte) 0xaa, (byte) 0xce, (byte) 0xce,
            };
         try{
             SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWithMD5AndDES");
             SecretKey key = keyFactory.generateSecret(new PBEKeySpec(pass.toCharArray()));
             Cipher pbeCipher = Cipher.getInstance("PBEWithMD5AndDES");
             pbeCipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(SALT, 20));
             String strEnc = base64Encode(pbeCipher.doFinal(testStr.getBytes("UTF-8")));
             Log.d("ViewKey", "strEnc :: " + strEnc);
         }catch (Exception e)
         {
             Log.d("ViewKey","ERROR");
         }
    }
 private static String base64Encode(byte[] bytes) {
final int asd = Base64.URL_SAFE | Base64.NO_PADDING | Base64.NO_WRAP ;
            return Base64.encodeToString(bytes,asd);
        }

结果字符串(String strEnc)为"6_O6V3327e5vnNpMB7_wNg"

据我了解,我可以使用此类使用OpenSSL加密/解密iOS中的数据:

    - (void)viewDidLoad
    {
        [super viewDidLoad];
        [self testSSL3];
    }

    -(void) testSSL{
        PS_PBEwithMD5andDes *PBE = [[PS_PBEwithMD5andDes alloc] init];
        NSString *password = @"password";

        NSString *message = @"TheSecretString";
        int it = 20;
        {
            NSData *inData = [message dataUsingEncoding:NSUTF8StringEncoding];
            NSData *encData = [PBE encryptPBEWithMD5AndDESData:inData password:password iterations:it];
            NSString *encString = [encData base64EncodedString];

         NSLog(@":: %@",encString);
        }
    }

类PS_PBEwithMD5andDes:

PS_PBEwithMD5andDes.h
//
//  PS_PBEwithMD5andDes.h
//  
//
//  Created by Admin on 11.06.14.
//  Copyright (c) 2014 PS. All rights reserved.
//

#import <Foundation/Foundation.h>

@interface PS_PBEwithMD5andDes : NSObject

- (NSData *)encryptPBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password iterations:(int)iterations;
- (NSData *)decryptPBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password iterations:(int)iterations;
- (NSData *)encodePBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password direction:(int)direction iterations:(int)iterations;

@end


PS_PBEwithMD5andDes.m

//
//  PS_PBEwithMD5andDes.m
//  
//
//  Created by Admin on 11.06.14.
//  Copyright (c) 2014 PS. All rights reserved.
//

#import "PS_PBEwithMD5andDes.h"
#import "libs/include_openssl/openssl/md5.h"
#import "libs/include_openssl/openssl/sha.h"
#import "libs/include_openssl/openssl/x509.h"
#import "libs/include_openssl/openssl/err.h"
#import "libs/include_openssl/openssl/evp.h"

@implementation PS_PBEwithMD5andDes


- (NSData *)encryptPBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password  iterations:(int)iterations{
    return [self encodePBEWithMD5AndDESData:inData password:password direction:1 iterations:iterations];
}

- (NSData *)decryptPBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password  iterations:(int)iterations {
    return [self encodePBEWithMD5AndDESData:inData password:password direction:0 iterations:iterations];
}

- (NSData *)encodePBEWithMD5AndDESData:(NSData *)inData password:(NSString *)password direction:(int)direction iterations:(int)iterations
{

    // Change salt and number of iterations for your project !!!

    static const char gSalt[] =
    {

(unsigned char) 0xaa, (unsigned char) 0xaa, (unsigned char) 0xce, (unsigned char) 0xce,
        (unsigned char) 0xaa, (unsigned char) 0xaa, (unsigned char) 0xce, (unsigned char) 0xce
    };

    unsigned char *salt = (unsigned char *)gSalt;
    int saltLen = strlen(gSalt);


    EVP_CIPHER_CTX cipherCtx;


    unsigned char *mResults;         // allocated storage of results
    int mResultsLen = 0;

    const char *cPassword = [password UTF8String];

    unsigned char *mData = (unsigned char *)[inData bytes];
    int mDataLen = [inData length];

    SSLeay_add_all_algorithms();
    X509_ALGOR *algorithm = PKCS5_pbe_set(NID_pbeWithMD5AndDES_CBC, iterations, salt, saltLen);




    memset(&cipherCtx, 0, sizeof(cipherCtx));

    if (algorithm != NULL)
    {
        EVP_CIPHER_CTX_init(&(cipherCtx));

        if (EVP_PBE_CipherInit(algorithm->algorithm, cPassword, strlen(cPassword),
                               algorithm->parameter, &(cipherCtx), direction))
        {

            EVP_CIPHER_CTX_set_padding(&cipherCtx, 1);

            int blockSize = EVP_CIPHER_CTX_block_size(&cipherCtx);
            int allocLen = mDataLen + blockSize + 1; // plus 1 for null terminator on decrypt
            mResults = (unsigned char *)OPENSSL_malloc(allocLen);


            unsigned char *in_bytes = mData;
            int inLen = mDataLen;
            unsigned char *out_bytes = mResults;
            int outLen = 0;



            int outLenPart1 = 0;
            if (EVP_CipherUpdate(&(cipherCtx), out_bytes, &outLenPart1, in_bytes, inLen))
            {
                out_bytes += outLenPart1;
                int outLenPart2 = 0;
                if (EVP_CipherFinal(&(cipherCtx), out_bytes, &outLenPart2))
                {
                    outLen += outLenPart1 + outLenPart2;
                    mResults[outLen] = 0;
                    mResultsLen = outLen;
                }
            } else {
                unsigned long err = ERR_get_error();
                ERR_load_crypto_strings();
                ERR_load_ERR_strings();
                char errbuff[256];
                errbuff[0] = 0;
                ERR_error_string_n(err, errbuff, sizeof(errbuff));
                NSLog(@"OpenSLL ERROR:\n\tlib:%d\n\tfunction:%d\n\treason:%d\n",
                      ERR_lib_error_string(err),
                      ERR_func_error_string(err),
                      ERR_reason_error_string(err));
                ERR_free_strings();
            }


            NSData *encryptedData = [NSData dataWithBytes:mResults length:mResultsLen]; 


            return encryptedData;
        }
    }
    return nil;

}
@end

iOS案例中的结果(NSString *encString)为@"h1wZWAuxI71flGJKGcwCOg=="

总结,结果:

在Java中:"6_O6V3327e5vnNpMB7_wNg" 在Objective-C中:@"h1wZWAuxI71flGJKGcwCOg=="

问题: 1)。为什么他们会给出不同的结果? 2)。如何解决问题? 3)。为什么在Objective-C的所有情况下,最后两个字母是"=="? 在Objective-C Im中使用OpenSSL库。

1 个答案:

答案 0 :(得分:1)

我和你有同样的问题;但我认为我解决了这个问题;

PBEWithMD5AndDES Encryption in iOS我用它来加密ios中的字符串;我将加密盐修改为:

static const char gSalt[] =
{
    (unsigned char)0x18, (unsigned char)0x79, (unsigned char)0x6D, (unsigned char)0x6D,
    (unsigned char)0x35, (unsigned char)0x3A, (unsigned char)0x6A, (unsigned char)0x60,
    (unsigned char)0x00
};

然后我将android的加密盐设置为:

private static byte[] salt = new byte[] {24, 121, 109, 109, 53, 58, 106, 96};

ios的salt值必须介于0-128之间(因为它的类型是unsigned char,而android的salt是字节类型)

final byte[] SALT = {
            (byte) 0xaa, (byte) 0xaa, (byte) 0xce, (byte) 0xce,
            (byte) 0xaa, (byte) 0xaa, (byte) 0xce, (byte) 0xce,
        };

这是你的盐,0xaa是170> 128所以当你把它转换为byte时,值会改变;所以你在android中的盐与ios中的salt不同;所以这就是你在android和ios中得到不同的base64字符串的原因;