以下是我要做的事情:
1)从用户那里获得普通的NSString
2)使用带有16字节长密钥的AES128进行加密(例如:0123456789abcdef)
3)将其发送到PHP服务器
4)将其解密为纯文本
但是如果输入的纯文本太长或太短,解密就会失败。
以下是我的工作:
链接https://tharindufit.wordpress.com/2011/12/15/aes128-encryption-in-ios-and-decryption-in-php/ 提供
NSData + AEScrypt.h
的NSData + AEScrypt.m
的NSString + AEScrypt.h
的NSString + AEScrypt.m
在ViewController.m 中
myserver.php 如果一切正常,我应该进入NSLog: 从PHP开始: 但是如果NSString * plainString太长或太短,
我来自PHP: 意思是,PHP无法解密它。
此外,我意识到' +'标志消失了#34;解密之前:"回声。但这似乎不是问题,因为有时解密会起作用。 我的问题是
为什么解密失败的普通NSString太长或太短?
我怎样才能解决这个问题??我似乎找不到任何解决方案。请帮忙...... #import "ViewController.h"
#import "NSString+AESCrypt.h"
...
-(void) sendPost {
//1. prepare 16-bytes long key
NSString *theKey = @"0123456789abcdef";
//2. prepare any plain NSString
NSString *plainString = @"abcdef";
//3. turn NSString into UTF-8 NSData
NSData *plainStringData = [plainString dataUsingEncoding:NSUTF8StringEncoding];
//4. turn UTF-8 NSData into AES128 Encrypted NSData with key
NSData *aesData = [plainStringData AES128EncryptWithKey: theKey];
//5. encode AES data into Base64-encoded NSString
NSString *base64String = [aesData base64EncodedStringWithOptions:0];
//check what the client is sending to the server
NSLog("Client plain text:%@ encrypted text:%@", plainString, base64String);
//Logs:
//Client plain text: abcdef encrypted text: iD+22cYZOlopuScGn42rAg==
/** do normal POST request to server ************/
//6. send 'base64String' to server
//set up parameter
NSString *parameter = [NSString stringWithFormat:@"data=%@", base64String];
NSData *parameterData = [parameter dataUsingEncoding:NSUTF8StringEncoding];
//set up URL
NSURL *url = [NSURL URLWithString: @"http://mywebsite.com/myserver.php"];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
[request setHTTPBody:parameterData];
//set up as POST method
[request setHTTPMethod:@"POST"];
[request addValue: @"application/x-www-form-urlencoded; charset=utf-8" forHTTPHeaderField:@"Content-Type"];
NSURLConnection *connection = [[NSURLConnection alloc]initWithRequest:request delegate:self];
}
<?php
//1. receive data from client
$data = $_POST['data'];
//2. check what the server received
echo "Before decrypt:".$data
//this echoes:
//Before decrypt:iD 22cYZOlopuScGn42rAg==
//3. set up the same key as client's key
$key = "0123456789abcdef";
//4. decrypt AES
$decoded_data = decrypt_password($data, "0123456789abcdef");
//5. see the result
echo "After decrypt:".$decoded_data;
//this echoes:
//After decrypt: abcdef
function decrypt_password($pass,$key)
{
$base64encoded_ciphertext = $pass;
$res_non = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($base64encoded_ciphertext), MCRYPT_MODE_ECB);
$decrypted = $res_non;
$dec_s2 = strlen($decrypted);
$padding = ord($decrypted[$dec_s2-1]);
$decrypted = substr($decrypted, 0, -$padding);
return $decrypted;
}
?>
Client plain text: abcdef encrypted text: iD+22cYZOlopuScGn42rAg==
Before decrypt:iD 22cYZOlopuScGn42rAg==
After decrypt:abcdef
Before decrypt:pQGKv22BszWe5WN b9oOtQ==
After decrypt:
答案 0 :(得分:0)
找到答案。
当加密字符串包含“+”符号时,PHP会将其转换为空格,因为“+”符号是保留的。
因此,请使用urlencode()和urldecode(),如下所示:
<?php
$key = 'secretkey';
$string = $_GET['data'];
$string = urlencode($string);
$string = str_replace("+", "%2B",$string);
$string = urldecode($string);
$output = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($string), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
?>