AESCrypt加密/解密從PHP到iOS

Question

我需要轉換在我們的服務器端加密/解密方法如下，請檢查下面的代碼

------------------------------------------------------------------------------------------------------------------------------------- 
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); 
$key = "a16byteslongkey!"; 
$plaintext = "iphone"; 
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_CBC, $iv); 


$ciphertext = base64_encode($ciphertext); 
echo "ciphertext: ".$ciphertext."<br/>"; 

$ciphertextinput = base64_decode($ciphertext); 
$cipherdetext = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertextinput, MCRYPT_MODE_CBC, $iv); 
echo "decryptText:".$cipherdetext."<br/>"; 

我使用AES 256加密嘗試，但它提供了不同的結果，

加密

- (NSData *)AES256EncryptWithKey:(NSString *)key { 
// 'key' should be 32 bytes for AES256, will be null-padded otherwise 
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) 
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) 

// fetch key data 
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; 

NSUInteger dataLength = [self length]; 

//See the doc: For block ciphers, the output size will always be less than or 
//equal to the input size plus the size of one block. 
//That's why we need to add the size of one block here 
size_t bufferSize = dataLength + kCCBlockSizeAES128; 
void *buffer = malloc(bufferSize); 

size_t numBytesEncrypted = 0; 
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, 
             keyPtr, kCCKeySizeAES256, 
             NULL /* initialization vector (optional) */, 
             [self bytes], dataLength, /* input */ 
             buffer, bufferSize, /* output */ 
             &numBytesEncrypted); 
if (cryptStatus == kCCSuccess) { 
    //the returned NSData takes ownership of the buffer and will free it on deallocation 
    return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; 
} 

free(buffer); //free the buffer; 
return nil;} 

解密

- (NSData *)AES256DecryptWithKey:(NSString *)key { 
// 'key' should be 32 bytes for AES256, will be null-padded otherwise 
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) 
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) 

// fetch key data 
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; 

char ivPtr = ""; 

NSUInteger dataLength = [self length]; 


//See the doc: For block ciphers, the output size will always be less than or 
//equal to the input size plus the size of one block. 
//That's why we need to add the size of one block here 
size_t bufferSize = dataLength + kCCBlockSizeAES128; 
void *buffer = malloc(bufferSize); 

size_t numBytesDecrypted = 0; 
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, 
             keyPtr, kCCKeySizeAES256, 
             NULL /* initialization vector (optional) */, 
             [self bytes], dataLength, /* input */ 
             buffer, bufferSize, /* output */ 
             &numBytesDecrypted); 

if (cryptStatus == kCCSuccess) { 
    //the returned NSData takes ownership of the buffer and will free it on deallocation 
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; 
} 

free(buffer); //free the buffer; 
return nil;} 

OriginalText：iphone

密文：SXNepKfh0IrlDDdkq4EdmQ ==

請告訴我錯在這裏，請給從PHP解密加密文本的一些建議。如何從base 64編碼字符串得到確切的「iphone」字符串SXNepKfh0IrlDDdkq4EdmQ ==

另外，請讓我知道如何在AES加密中使用ECB模式。

謝謝！

Answer 1

問題：

`mcrypt的使用非標準空數據填充，iOS的代碼使用PKCS＃7填充。

的修復，三種選擇：

1. 使用PKCS＃7填充，mcrypt的7填充添加PKCS＃加密之前和解密之後將其刪除。 （推薦）

或

用NULL填充，公共的密碼不指定kCCOptionPKCS7Padding，空填充加密之前添加和解密之後除去。 （不推薦）

或

它最好不要用的mcrypt，它是放棄的，並沒有在年被更新，並且不支持標準PKCS＃7 （néePKCS＃5）填充，只有非標準的null填充甚至不能用於二進制數據。 mcrypt有許多優秀的bugs追溯到2003年。不推薦使用mcrypt擴展名將在PHP 7.2中刪除。請考慮使用defuse或RNCryptor，他們提供了一個完整的解決方案，並且正在維護和正確。