Encryption 带有PKCS7填充的CCCrypt在OS X 10.9中不起作用
我们正在应用程序中使用带有PKCS7填充的CCryptCreate和CCryptUpdate。它在OSX10.7和10.8中运行良好,但在OSX10.9中不起作用。当我尝试使用PKCS7填充进行解密时,CCCryptoRuUpdate返回-4301,kCCBufferTooSmall错误。相比之下,使用非填充时,CCCryptoRuUpdate返回成功。 这是用于加密和解密的代码。有人知道为什么会出问题吗Encryption 带有PKCS7填充的CCCrypt在OS X 10.9中不起作用,encryption,osx-mavericks,Encryption,Osx Mavericks,我们正在应用程序中使用带有PKCS7填充的CCryptCreate和CCryptUpdate。它在OSX10.7和10.8中运行良好,但在OSX10.9中不起作用。当我尝试使用PKCS7填充进行解密时,CCCryptoRuUpdate返回-4301,kCCBufferTooSmall错误。相比之下,使用非填充时,CCCryptoRuUpdate返回成功。 这是用于加密和解密的代码。有人知道为什么会出问题吗 @implementation Crptor @synthesize secretKey
@implementation Crptor
@synthesize secretKey;
const uint8_t keyBytes[] ="abcdef0123456789";
- (id)init
{
if(self == [super init]){
secretKey = [NSData dataWithBytes:keyBytes length:sizeof(keyBytes)];
}
return self;
}
- (int)cryptFile:(CCOperation)op inPath:(NSString *)inPath outPath:(NSString *)outPath
{
int rc = kCCSuccess;
NSFileManager *fileManager = [[NSFileManager alloc] init];
if ([fileManager createFileAtPath:outPath contents:nil attributes:nil] == NO) {
NSLog(@"[]Failed:NSFileManager::createFileAtPath:contents:attributes");
return -1;
}
NSFileHandle *input = [NSFileHandle fileHandleForReadingAtPath:inPath];
NSFileHandle *output = [NSFileHandle fileHandleForWritingAtPath:outPath];
if (input == nil) {
NSLog(@"[]Failed:NSFileHandle::fileHandleForReadingAtPath:");
return -1;
}
if (output == nil) {
NSLog(@"[]Failed:NSFileHandle::fileHandleForWritingAtPath:");
return -1;
}
CCCryptorRef cryptor = NULL;
int blockSize = 4096;
size_t outDataLength;
size_t dataOutMoved;
char *buffer = NULL;
rc = CCCryptorCreate(op, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, CFBridgingRetain(self.secretKey) ,kCCKeySizeAES128, NULL, &cryptor);
if (rc != kCCSuccess) {
NSLog(@"[]Failed:CCCryptorCreate[err=%d]", rc);
goto CLEAN_UP;
}
outDataLength = CCCryptorGetOutputLength(cryptor, blockSize, false);
buffer = malloc(outDataLength * 10);
bzero(buffer,malloc_size(buffer));
if (buffer == NULL) {
rc = (-1);
goto CLEAN_UP;
}
while (true) {
NSData *inData;
inData = [input readDataOfLength:blockSize];
if (inData.length == 0) {
break;
}
rc = CCCryptorUpdate(cryptor, inData.bytes, inData.length, buffer, outDataLength, &dataOutMoved);
if (rc != kCCSuccess) {
NSLog(@"[]CCCryptorUpdate[err=%d]", rc);
goto CLEAN_UP;
}
[output writeData:[NSData dataWithBytesNoCopy:buffer length:dataOutMoved freeWhenDone:NO]];
}
rc = CCCryptorFinal(cryptor, buffer, outDataLength, &dataOutMoved);
if (rc != kCCSuccess) {
NSLog(@"[]CCCryptorFinal[err=%d]", rc);
goto CLEAN_UP;
}
[output writeData:[NSData dataWithBytesNoCopy:buffer length:dataOutMoved freeWhenDone:NO]];
CLEAN_UP:
[input closeFile];
[output closeFile];
if (cryptor != NULL) {
CCCryptorRelease(cryptor);
cryptor = NULL;
}
if (buffer != NULL) {
free(buffer);
buffer = NULL;
}
return rc;
}
@end
无法直接看到代码中的任何内容,但您确定代码中的
outDataLength*10
?这似乎有点奇怪。您是否使用调试器查看了代码中创建的大小?感谢您的评论。在初始代码中,此行是buffer=malloc(outDataLength)代码>。由于CCCryptorUpdate在OX10.9中返回kCCBufferTooSmall错误,我将其替换为buffer=malloc(outDataLength*10)代码>。它返回了kCCBufferTooSmall错误,与替换之前一样。kCCOptionPKCS7Padding | kCCOptionECBMode
是否矛盾?我想你得选一个,对吧?我觉得自己像个掘墓人,但我认为这对(就像我刚才那样)偶然发现这个问题的人可能有用。作者从长度未知的文件中读取,但他创建了一个硬编码大小的缓冲区。除了其他错误和编码风格(goto
,真的吗?),这可能是错误的原因。