无法快速解密使用openssl -aes256加密的字符串

时间:2019-05-16 14:14:14

标签: ios swift openssl aes

我想在应用程序外部加密密钥并传递给应用程序。在应用程序中,再次使用那些密钥时,必须使用加密时使用的密钥来解密字符串。

在Swift中解密时使用哪个密钥? openssl命令生成的“ FUUU”或密钥

在Mac上,我正在使用openssl -aes256生成加密的字符串,但是迅速解密时,它始终返回nil。 如果我设置了由openssl生成的密钥,那么它将给出错误“错误:无法设置密钥”。和“错误:无法设置初始向量。” 

echo -n "TEST1" | openssl enc -aes256 -k FUUU -nosalt -a -p

控制台输出 

key=59C12FFF74992ED40F4DF80A56AB55AE7C513B17CB4B8CF8342E9444C7F7AF3B
iv =0BEE68AD25123B7076B91A5AFB549E33
bYbkQJcDFZt3y3UQEMbEeg==

在Swift中解密 

let encryptedMessage = "bYbkQJcDFZt3y3UQEMbEeg==".data(using: .utf8)!
let key256 = "59C12FFF74992ED40F4DF80A56AB55AE7C513B17CB4B8CF8342E9444C7F7AF3B" // 32 bytes for AES256
let iv = "0BEE68AD25123B7076B91A5AFB549E33" // 16 bytes for AES128

let aes256 = AES(key: key256, iv: iv)

let decryptedMessage256 = aes256?.decrypt(data: encryptedMessage)
print("Decrypted: \(String(bytes: decryptedMessage256, encoding: .utf8))")

AES 

import CommonCrypto

struct AES {

// MARK: - Value
// MARK: Private
private let key: Data
private let iv: Data

// MARK: - Initialzier
init?(key: String, iv: String) {
    guard key.count == kCCKeySizeAES128 || key.count == kCCKeySizeAES256, let keyData = key.data(using: .utf8) else {
        debugPrint("Error: Failed to set a key.")
        return nil
    }

    guard iv.count == kCCBlockSizeAES128, let ivData = iv.data(using: .utf8) else {
        debugPrint("Error: Failed to set an initial vector.")
        return nil
    }

    self.key = keyData
    self.iv  = ivData
}

// MARK: - Function
// MARK: Public
func encrypt(string: String) -> Data? {
    return crypt(data: string.data(using: .utf8), option: CCOperation(kCCEncrypt))
}

func decrypt(data: Data?) -> String? {
    guard let decryptedData = crypt(data: data, option: CCOperation(kCCDecrypt)) else { return nil }
    return String(bytes: decryptedData, encoding: .utf8)
}

func crypt(data: Data?, option: CCOperation) -> Data? {
    guard let data = data else { return nil }

    let cryptLength = [UInt8](repeating: 0, count: data.count + kCCBlockSizeAES128).count
    var cryptData   = Data(count: cryptLength)

    let keyLength = [UInt8](repeating: 0, count: kCCBlockSizeAES128).count
    let options   = CCOptions(kCCOptionPKCS7Padding)

    var bytesLength = Int(0)

    let status = cryptData.withUnsafeMutableBytes { cryptBytes in
        data.withUnsafeBytes { dataBytes in
            iv.withUnsafeBytes { ivBytes in
                key.withUnsafeBytes { keyBytes in
                    CCCrypt(option, CCAlgorithm(kCCAlgorithmAES), options, keyBytes, keyLength, ivBytes, dataBytes, data.count, cryptBytes, cryptLength, &bytesLength)
                }
            }
        }
    }

    guard UInt32(status) == UInt32(kCCSuccess) else {
        debugPrint("Error: Failed to crypt data. Status \(status)")
        return nil
    }

    cryptData.removeSubrange(bytesLength..<cryptData.count)
    return cryptData
}
}

1 个答案:

答案 0 :(得分:0)

恐怕桌面密码框架与移动密码框架不匹配,这是iOS上的常见问题,您需要创建自己的密码才能匹配它。

但是另一方面,您可以使用CryptoSwift,它非常可靠,我个人使用,它确实与服务器密码匹配,所以我认为它可以解决您的问题。

相关问题
最新问题