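The process is as follows:
1- The server (web service) generates an AES key.
2- The server then encrypts this key with RSA, using the Java code below.
3- The client (iOS and/or Android) decrypts the AES key from RSA using the Objective-C code below.
4- The client encrypts this AES key with RSA again, using the Objective-C code below, and sends it to the server.
Problem:
This code works fine many times, but sometimes it gives me (after the server receives the data from the client) an invalid AES key size (different numbers).
My Java code (server):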
    import java.security.PrivateKey;
    import java.security.PublicKey;
    import javax.crypto.Cipher;

    // Encrypts data with the client's public key using raw RSA (no padding), Bouncy Castle provider.
    public static byte[] encryptWithRSA(byte[] data, PublicKey clientKey) throws Exception {
        byte[] cipherText = null;
        try {
            System.out.println("Start encryptWithRSA ");
            Cipher encrypt = Cipher.getInstance("RSA/ECB/NoPadding", "BC");
            encrypt.init(Cipher.ENCRYPT_MODE, clientKey);
            cipherText = encrypt.doFinal(data);
        } catch (Exception ex) {
            System.err.println(ex.getMessage());
            throw ex;
        }
        return cipherText;
    }

    // Decrypts a message with the server's private key using raw RSA (no padding), Bouncy Castle provider.
    public static byte[] decryptWithRSA(byte[] encryptedMessage, PrivateKey serverKey) throws Exception {
        byte[] decryptedMessage = null;
        try {
            System.out.println("Start decryptWithRSA ");
            Cipher decrypt = Cipher.getInstance("RSA/ECB/NoPadding", "BC");
            decrypt.init(Cipher.DECRYPT_MODE, serverKey);
            decryptedMessage = decrypt.doFinal(encryptedMessage);
        } catch (Exception ex) {
            System.err.println(ex.getMessage());
            throw ex;
        }
        return decryptedMessage;
    }
My iOS code (client): (I am using this RSA implementation)
    // Encrypt with RSA
    - (NSData *)encryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{
        const uint8_t *srcbuf = (const uint8_t *)[data bytes];
        size_t srclen = (size_t)data.length;

        size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
        void *outbuf = malloc(block_size);
        size_t src_block_size = block_size - 11;

        NSMutableData *ret = [[NSMutableData alloc] init];
        // Encrypt the input one chunk at a time
        for(int idx=0; idx<srclen; idx+=src_block_size){
            //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
            size_t data_len = srclen - idx;
            if(data_len > src_block_size){
                data_len = src_block_size;
            }

            size_t outlen = block_size;
            OSStatus status = noErr;
            status = SecKeyEncrypt(keyRef,
                                   kSecPaddingNone, //kSecPaddingPKCS1 "I updated the padding to be none"
                                   srcbuf + idx,
                                   data_len,
                                   outbuf,
                                   &outlen
                                   );
            if (status != 0) {
                NSLog(@"SecKeyEncrypt fail. Error Code: %d", status);
                ret = nil;
                break;
            }else{
                [ret appendBytes:outbuf length:outlen];
            }
        }

        free(outbuf);
        CFRelease(keyRef);
        return ret;
    }

    // Decrypt with RSA
    - (NSData *)decryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{
        const uint8_t *srcbuf = (const uint8_t *)[data bytes];
        size_t srclen = (size_t)data.length;

        size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
        UInt8 *outbuf = malloc(block_size);
        size_t src_block_size = block_size;

        NSMutableData *ret = [[NSMutableData alloc] init];
        // Decrypt the input one RSA block at a time
        for(int idx=0; idx<srclen; idx+=src_block_size){
            //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
            size_t data_len = srclen - idx;
            if(data_len > src_block_size){
                data_len = src_block_size;
            }

            size_t outlen = block_size;
            OSStatus status = noErr;
            status = SecKeyDecrypt(keyRef,
                                   kSecPaddingNone,
                                   srcbuf + idx,
                                   data_len,
                                   outbuf,
                                   &outlen
                                   );
            if (status != 0) {
                NSLog(@"SecKeyDecrypt fail. Error Code: %d", status);
                ret = nil;
                break;
            }else{
                //the actual decrypted data is in the middle, locate it!
                int idxFirstZero = -1;
                int idxNextZero = (int)outlen;
                for ( int i = 0; i < outlen; i++ ) {
                    if ( outbuf[i] == 0 ) {
                        if ( idxFirstZero < 0 ) {
                            idxFirstZero = i;
                        } else {
                            idxNextZero = i;
                            break;
                        }
                    }
                }

                [ret appendBytes:&outbuf[idxFirstZero+1] length:idxNextZero-idxFirstZero-1];
            }
        }

        free(outbuf);
        CFRelease(keyRef);
        return ret;
    }
Thank you for your attention...
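
The zero-byte scan from the `decryptData:` method above, re-implemented in plain C as an added example (it is not part of the original post or of the RSA library the post uses). It shows that the length the scan returns depends on whether the payload itself contains a 0x00 byte. The block layout (one 0x00 marker followed by a 32-byte key) is constructed sample data and an assumption, and the names `extract_between_zeros`, `recovered_len` and `KEY_LEN` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define KEY_LEN 32   /* assumed AES-256 key length; the post does not state it */

/* Same scan as the decryptData: loop in the post: return the bytes between
   the first 0x00 in the block and the next 0x00 (or the end of the block). */
static size_t extract_between_zeros(const unsigned char *block, size_t len,
                                    unsigned char *out)
{
    long first = -1;
    long next = (long)len;
    for (size_t i = 0; i < len; i++) {
        if (block[i] == 0) {
            if (first < 0) {
                first = (long)i;
            } else {
                next = (long)i;
                break;
            }
        }
    }
    size_t n = (size_t)(next - first - 1);
    memcpy(out, block + first + 1, n);
    return n;
}

/* Constructed sample block: one 0x00 marker, then a key whose bytes are all
   non-zero except, optionally, at index zero_at. Returns the recovered length. */
static size_t recovered_len(int zero_at)
{
    unsigned char block[1 + KEY_LEN], out[1 + KEY_LEN];
    block[0] = 0x00;
    for (int i = 0; i < KEY_LEN; i++)
        block[1 + i] = (unsigned char)(i + 1);   /* 0x01..0x20, never zero */
    if (zero_at >= 0)
        block[1 + zero_at] = 0x00;               /* key byte that happens to be 0 */
    return extract_between_zeros(block, sizeof block, out);
}

int main(void)
{
    printf("no zero byte in key : %zu bytes\n", recovered_len(-1));
    printf("zero at key[10]     : %zu bytes\n", recovered_len(10));
    printf("zero at key[0]      : %zu bytes\n", recovered_len(0));
    return 0;
}
```

A uniformly random 32-byte key contains at least one 0x00 byte with probability 1 - (255/256)^32, about 12%, so a scan like this returns the full length most of the time and a shorter one occasionally.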