我需要解密用openssl加密的文件,如下所示:
openssl enc -d -aes-256-cfb8 -nopad -in myFile -iv myIV -K myKey
具体来说,iv和key是字节数组。示例(十六进制):
key: 5492557823faec274708eb34d263029084abe5544789340a1d3ccf6bd74774ad
iv: 01e2a0ac72375edec4b126b1197a2885
我该怎么做?
我试着按照AES/CFB8 IV size这样的例子,但结果很少。
编辑:
这是我已经尝试过的:
NSString *IVString = @"3d090e3f7a72d51ae4f4d0d15025926e";
NSString *KEYString = @"207ecf137586424952b8cfc3e7fd8ce9bd839a916c07b9d5f34d250315d91aa9";
NSData *myIV = [IVString decodeFromHexidecimal];
NSData *myKey = [KEYString decodeFromHexidecimal];
CCCryptorStatus result = CCCryptorCreateWithMode(kCCDecrypt,
kCCModeCFB8,
kCCAlgorithmAES128,
ccNoPadding,
[myIV bytes],
[myKey bytes],
kCCKeySizeAES256,
NULL,
0,
0,
0,
&_cryptor);
size_t *outLength;
NSMutableData *cipherData = [NSMutableData dataWithLength:self.length + kCCBlockSizeAES128];
if (result == kCCSuccess)
result = CCCryptorUpdate(_cryptor,
[self bytes],
[self length],
[cipherData mutableBytes],
[cipherData length],
outLength);
if (result == kCCSuccess)
result = CCCryptorFinal(_cryptor,
[cipherData mutableBytes],
[cipherData length],
outLength);
if (result == kCCSuccess)
result = CCCryptorRelease(_cryptor);
编辑2:
谢谢罗布,帮帮我了!
最终代码:
CCCryptorStatus result = CCCryptorCreateWithMode(kCCDecrypt,
kCCModeCFB8,
kCCAlgorithmAES128,
ccNoPadding,
[myIV bytes],
[myKey bytes],
kCCKeySizeAES256,
NULL,
0,
0,
0,
&cryptor);
size_t bufferLength = CCCryptorGetOutputLength(cryptor, [self length], false);
NSMutableData *buffer = [NSMutableData dataWithLength:bufferLength];
size_t outLength;
result = CCCryptorUpdate(cryptor,
[self bytes],
[self length],
[buffer mutableBytes],
[buffer length],
&outLength);
result = CCCryptorRelease(cryptor);
答案 0 :(得分:2)
您已将cipherData作为缓冲区传递,但您不会在其中创建任何空间。 (您也可以在更新和最终步骤中使用相同的缓冲区而不卸载结果,这样可能会破坏您的结果,尽管在这种情况下您可能会因为没有填充而逃脱它)。 (编辑:我几个小时前开始写这篇文章;我发现你从那以后改变了你的代码来分配缓冲区,但是你还在重复使用它,这会破坏你的结果。我也看到你从加密切换到解密了。注意那你的结果不是" cipherData"了。)
首先创建你的密码(这部分是正确的,虽然没有理由把它放在ivar中):
CCCryptorRef cryptor;
CCCryptorStatus result = CCCryptorCreateWithMode(kCCEncrypt,
...
&cryptor);
// FIXME: Return error
if (result != kCCSuccess) { NSAssert(@"Failed to create cryptor: %d", result) }
然后弄清楚你的缓冲区有多大:
size_t bufferLength = CCCryptorGetOutputLength(cryptor, [self length], true);
现在创建一个缓冲区:
NSMutableData *buffer = [NSMutableData dataWithLength:bufferLength];
设置输出变量:
size_t outLength;
NSMutable *cipherData = [NSMutableData data];
处理数据:
result = CCCryptorUpdate(cryptor,
[self bytes],
[self length],
[buffer mutableBytes],
[buffer length],
&outLength);
// FIXME: Release cryptor and return error
if (result != kCCSuccess) { NSAssert(@"Failed to encrypt: %d", result) }
将我们到目前为止的内容复制到最终结果中(参见注释):
[cipherData appendBytes:buffer.bytes length:outLength];
结束(因为没有填充,这可能没有做任何事情,但在一般情况下是必要的):
result = CCCryptorFinal(cryptor,
[buffer mutableBytes],
[buffer length],
&outLength);
// FIXME: Release cryptor and return error
if (result != kCCSuccess) { NSAssert(@"Failed to finalize: %d", result) }
如果我们有任何附加信息,并做最后的清理
[cipherData appendBytes:buffer.bytes length:outLength];
result = CCCryptorRelease(cryptor);
if (result != kCCSuccess) { NSLog(@"Failed to do final cleanup, ignoring: %d", result) }
那应该是它。
请注意,有些方法可以重做这个,所以你不必复制你的密文,通过在更新和最后一个之间移动缓冲区指针,但除非它有很多密文,我和#39; d只需按照简单的方式进行,然后制作副本。