可以将文章内容翻译成中文,广告屏蔽插件可能会导致该功能失效(如失效，请关闭广告屏蔽插件后再试):

问题:

I am trying to encrypt some text using the AES algorithm on both the Android and IPhone platforms. My problem is, even using the same encryption/decryption algorithm (AES-128) and same fixed variables (key, IV, mode), I get different result on both platforms. I am including code samples from both platforms, that I am using to test the encryption/decryption. I would appreciate some help in determining what I am doing wrong.

Key: “123456789abcdefg”
IV: “1111111111111111”
Plain Text: “HelloThere”
Mode: “AES/CBC/NoPadding”

Android Code:

public class Crypto {     private final static String HEX = "0123456789ABCDEF";      public static String encrypt(String seed, String cleartext)             throws Exception {         byte[] rawKey = getRawKey(seed.getBytes());         byte[] result = encrypt(rawKey, cleartext.getBytes());         return toHex(result);     }      public static String decrypt(String seed, String encrypted)             throws Exception {         byte[] rawKey = getRawKey(seed.getBytes());         byte[] enc = toByte(encrypted);         byte[] result = decrypt(rawKey, enc);         return new String(result);     }      private static byte[] getRawKey(byte[] seed) throws Exception {         KeyGenerator kgen = KeyGenerator.getInstance("CBC");         SecureRandom sr = SecureRandom.getInstance("SHA1PRNG");         sr.setSeed(seed);         kgen.init(128, sr); // 192 and 256 bits may not be available         SecretKey skey = kgen.generateKey();         byte[] raw = skey.getEncoded();         return raw;     }      private static byte[] encrypt(byte[] raw, byte[] clear) throws Exception {         SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");         Cipher cipher = Cipher.getInstance("AES");         cipher.init(Cipher.ENCRYPT_MODE, skeySpec);         byte[] encrypted = cipher.doFinal(clear);         return encrypted;     }      private static byte[] decrypt(byte[] raw, byte[] encrypted)             throws Exception {         SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");         Cipher cipher = Cipher.getInstance("AES");         cipher.init(Cipher.DECRYPT_MODE, skeySpec);         byte[] decrypted = cipher.doFinal(encrypted);         return decrypted;     }      public static String toHex(String txt) {         return toHex(txt.getBytes());     }      public static String fromHex(String hex) {         return new String(toByte(hex));     }      public static byte[] toByte(String hexString) {         int len = hexString.length() / 2;         byte[] result = new byte[len];         for (int i = 0; i > 4) & 0x0f)).append(HEX.charAt(b & 0x0f));     } }

IPhone (Objective-C) Code:

- (NSData *) transform:(CCOperation) encryptOrDecrypt data:(NSData *) inputData {       NSData* secretKey = [Cipher md5:cipherKey];      CCCryptorRef cryptor = NULL;     CCCryptorStatus status = kCCSuccess;      uint8_t iv[kCCBlockSizeAES128];     memset((void *) iv, 0x0, (size_t) sizeof(iv));      status = CCCryptorCreate(encryptOrDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,                          [secretKey bytes], kCCKeySizeAES128, iv, &cryptor);      if (status != kCCSuccess) {         return nil;     }      size_t bufsize = CCCryptorGetOutputLength(cryptor, (size_t)[inputData length], true);      void * buf = malloc(bufsize * sizeof(uint8_t));     memset(buf, 0x0, bufsize);      size_t bufused = 0;     size_t bytesTotal = 0;      status = CCCryptorUpdate(cryptor, [inputData bytes], (size_t)[inputData length],                          buf, bufsize, &bufused);      if (status != kCCSuccess) {         free(buf);         CCCryptorRelease(cryptor);         return nil;     }      bytesTotal += bufused;      status = CCCryptorFinal(cryptor, buf + bufused, bufsize - bufused, &bufused);      if (status != kCCSuccess) {         free(buf);         CCCryptorRelease(cryptor);         return nil;     }      bytesTotal += bufused;      CCCryptorRelease(cryptor);      return [NSData dataWithBytesNoCopy:buf length:bytesTotal]; }  + (NSData *) md5:(NSString *) stringToHash {      const char *src = [stringToHash UTF8String];      unsigned char result[CC_MD5_DIGEST_LENGTH];      CC_MD5(src, strlen(src), result);      return [NSData dataWithBytes:result length:CC_MD5_DIGEST_LENGTH]; }

Some of my references :

回答1:

For iPhone I used AESCrypt-ObjC, and for Android use this code:

public class AESCrypt {    private final Cipher cipher;   private final SecretKeySpec key;   private AlgorithmParameterSpec spec;     public AESCrypt(String password) throws Exception   {     // hash password with SHA-256 and crop the output to 128-bit for key     MessageDigest digest = MessageDigest.getInstance("SHA-256");     digest.update(password.getBytes("UTF-8"));     byte[] keyBytes = new byte[32];     System.arraycopy(digest.digest(), 0, keyBytes, 0, keyBytes.length);      cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");     key = new SecretKeySpec(keyBytes, "AES");     spec = getIV();   }           public AlgorithmParameterSpec getIV()   {     byte[] iv = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, };     IvParameterSpec ivParameterSpec;     ivParameterSpec = new IvParameterSpec(iv);      return ivParameterSpec;   }    public String encrypt(String plainText) throws Exception   {     cipher.init(Cipher.ENCRYPT_MODE, key, spec);     byte[] encrypted = cipher.doFinal(plainText.getBytes("UTF-8"));     String encryptedText = new String(Base64.encode(encrypted, Base64.DEFAULT), "UTF-8");      return encryptedText;   }    public String decrypt(String cryptedText) throws Exception   {     cipher.init(Cipher.DECRYPT_MODE, key, spec);     byte[] bytes = Base64.decode(cryptedText, Base64.DEFAULT);     byte[] decrypted = cipher.doFinal(bytes);     String decryptedText = new String(decrypted, "UTF-8");      return decryptedText;   } }

回答2:

It makes me no wonder that you get different results.

Your problem is that you use misuse a SHA1PRNG for key derivation. AFAIK there is no common standard how a SHA1PRNG work internally. AFAIR even the J2SE and Bouncycaste implementation output different results using the same seed.

Hence your implementation of your getRawKey(byte[] seed) will generate you a random key. If you use the key for encryption you are getting an result that depends on that key. As the key is random you will not get the same key on iOS and therefore you are getting a different result.

If you want a key derivation function use a function like PBKDF2 with is nearly fully standardized regarding the key derivation.

回答3:

On Android, you are using getBytes(). This is an error as it means you are using the default charset rather than a known charset. Use getBytes("UTF-8") instead so you know exactly what bytes you are going to get.

I don't know the equivalent for Objective-C, but don't rely on the default. Explicitly specify UTF-8 when converting strings to bytes. That way you will get the same bytes on both sides.

I also note that you are using MD5 in the Objective-C code but not in the Android code. Is this deliberate?

回答4:

See my answer for password-based AES encryption, since, you are effectively using your "seed" as a password. (Just change the key length of 256 to 128, if that's what you want.)

Trying to generate the same key by seeding a DRBG with the same value is not reliable.

Next, you are not using CBC or the IV in your Android encryption. My example shows how to do that properly too. By the way, you need to generate a new IV for every message you encrypt, as my example shows, and send it along with the cipher text. Otherwise, there's no point in using CBC.

回答5:

If you want an example of compatible code for Android and iPhone, look at the RNCryptor library for iOS and the JNCryptor library for Java/Android.

Both projects are open source and share a common data format. In these libraries, AES 256-bit is used, however it would be trivial to adapt the code if necessary to support 128-bit AES.

As per the accepted answer, both libraries use PBKDF2.

文章来源: Encryption using AES-128 in Android and IPhone (Different result)

标签

aes

string