aesEncrypt会产生不同的结果

时间:2017-12-08 19:58:40

标签: python swift encryption swift3 aes

我正在尝试加密Swift 3中的字符串,而我的加密每次都会提供不同的输出。这是为什么? (我在python中尝试过类似的加密,加密输出总是一样的)。

这是我的Swift 3 aesEncrypt功能:

func aesEncrypt(key:String, iv:Array<Any>, options:Int = kCCOptionPKCS7Padding) -> String? {
    if let keyData = sha256(string:key),
        let data = self.data(using: String.Encoding.utf8),
        let cryptData    = NSMutableData(length: Int((data.count)) + kCCBlockSizeAES128) {

        let keyLength              = size_t(kCCKeySizeAES128)
        let operation: CCOperation = UInt32(kCCEncrypt)
        let algorithm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
        let options:   CCOptions   = UInt32(options)

        var numBytesEncrypted :size_t = 0

        let cryptStatus = CCCrypt(operation,
                                  algorithm,
                                  options,
                                  (keyData as NSData).bytes, keyLength,
                                  iv,
                                  (data as NSData).bytes, data.count,
                                  cryptData.mutableBytes, cryptData.length,
                                  &numBytesEncrypted)
        // ADDED PRINT STATEMENTS 
        print("keyData")
        print(keyData)
        print("\(keyData as NSData)")
        print("iv")
        print(iv)
        var hex_iv = toHexString(arr: iv as! [UInt8])
        print(hex_iv)
        print("data")
        print(data)
        print("\(data as NSData)")

        print("encryption: cryptdata")
        print(cryptData)

        print("encryption: num bytes encrypted")
        print(numBytesEncrypted)

        if UInt32(cryptStatus) == UInt32(kCCSuccess) {
            cryptData.length = Int(numBytesEncrypted)
            let base64cryptString = cryptData.base64EncodedString(options: .lineLength64Characters)
            return base64cryptString
        }
        else {
            return nil
        }
    }
    return nil
}

当我尝试使用initial_string =“hello”运行以下代码时,每次都会得到不同的加密输出字符串。

let iv [UInt8](repeating: 0, count: 16)
let key = "sample_key"
let initial_string = "hello"

let encryptedString = initial_string.aesEncrypt(key: key, iv: iv)
print("Encrypted string")
print(encryptedString)

第一次使用“hello”字符串运行代码的示例输出:

keyData
32 bytes
<d5a78c66 e9b3ed40 b3a92480 c732527f 1a919fdc f68957d2 b7e9218f 6221085d>
iv
[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
data
5 bytes
<68656c6c 6f>
encryption: cryptdata
<b17d67fc 26e3f316 6a2bdfbf 9d387c2d 00000000 00>
encryption: num bytes encrypted
16
Encrypted string
Optional("sX1n/Cbj8xZqK9+/nTh8LQ==")

第二次使用“hello”字符串运行代码的示例输出:

keyData
32 bytes
<d5a78c66 e9b3ed40 b3a92480 c732527f 1a919fdc f68957d2 b7e9218f 6221085d>
iv
[0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0]
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
data
5 bytes
<68656c6c 6f>
encryption: cryptdata
<01b9f69b 45deb31d eda46c2d dc9ad9e8 00000000 00>
encryption: num bytes encrypted
16
Encrypted string
Optional("Abn2m0Xesx3tpGwt3JrZ6A==")

你能告诉我为什么每次输出相同的键,iv和字符串的输出都不一样吗?谢谢!

2 个答案:

答案 0 :(得分:0)

免责声明:我无法运行问题代码。除其他事项外,它还没有完整,缺少扩展声明。它似乎也是Swift 2代码,至少需要更新到Swift 3。

加密:cryptdata
&lt; 01b9f69b 45deb31d eda46c2d dc9ad9e8 00000000 00&gt;

完全错误,甚至是错误的长度加密数据将是块大小的倍数。

使用PKCS#7填充和CBC模式时,加密结果应为:C99A30D8DA44968418E8B66F42790216。见Cyyptomathic AES CALCULATOR。请注意0b0b0b0b0b0b0b0b0b0b0b是PKCS#7填充。

以下是Swift 3中的示例,这是 not production 代码,它至少缺少错误处理。

func SHA256(string:String) -> Data {
    let data = string.data(using:.utf8)!
    var hashData = Data(count: Int(CC_SHA256_DIGEST_LENGTH))

    _ = hashData.withUnsafeMutableBytes {digestBytes in
        data.withUnsafeBytes {messageBytes in
            CC_SHA256(messageBytes, CC_LONG(data.count), digestBytes)
        }
    }
    return hashData
}

func aesCBCEncrypt(data:Data, keyData:Data, ivData:Data) -> Data {
    let cryptLength = size_t(kCCBlockSizeAES128 + data.count + kCCBlockSizeAES128)
    var cryptData   = Data(count:cryptLength)
    var numBytesEncrypted :size_t = 0

    let cryptStatus = cryptData.withUnsafeMutableBytes {cryptBytes in
        data.withUnsafeBytes {dataBytes in
            keyData.withUnsafeBytes {keyBytes in
                ivData.withUnsafeBytes {ivBytes in
                    CCCrypt(CCOperation(kCCEncrypt),
                            CCAlgorithm(kCCAlgorithmAES),
                            CCOptions(kCCOptionPKCS7Padding),
                            keyBytes, keyData.count,
                            ivBytes,
                            dataBytes, data.count,
                            cryptBytes, cryptLength,
                            &numBytesEncrypted)
                }}}}

    cryptData.count = (cryptStatus == kCCSuccess) ? numBytesEncrypted : 0

    return cryptData;
}


let keyString = "sample_key"
let keyData = SHA256(string:keyString)
print("keyString: \(keyString)")
print("keyData:   \(hexEncode(keyData))")

let clearData = hexDecode("68656c6c6f")
// let keyData   = hexDecode("d5a78c66e9b3ed40b3a92480c732527f1a919fdcf68957d2b7e9218f6221085d")
let ivData    = hexDecode("00000000000000000000000000000000")

print("clearData: \(hexEncode(clearData))")
print("keyData:   \(hexEncode(keyData))")
print("ivData:    \(hexEncode(ivData))")

let cryptData = aesCBCEncrypt(data:clearData, keyData:keyData, ivData:ivData)
print("cryptData: \(hexEncode(cryptData))")

输出:

keyString: sample_key  
keyData:   d5a78c66e9b3ed40b3a92480c732527f1a919fdcf68957d2b7e9218f6221085d

clearData: 68656c6c6f
keyData:   d5a78c66e9b3ed40b3a92480c732527f1a919fdcf68957d2b7e9218f6221085d
ivData:    00000000000000000000000000000000
cryptData: c99a30d8da44968418e8b66f42790216

答案 1 :(得分:-1)

你看到了IV吗?这是初始化向量,用作计数器,使您每次加密都不同,使其更安全,更难以破解。所以基本上你的代码工作正常,但要正确解密,接收器不能只通过拥有Key,但需要IV也