将IOS中加密的JSON数据发送到PHP进行解密
我有一个函数,它要求我将一个加密的JSON实例发送到PHP服务器进行验证。我在尝试启动整个流程并运行时遇到了一个问题,为了找出问题所在,我头脑混乱将IOS中加密的JSON数据发送到PHP进行解密,php,ios,json,encryption,Php,Ios,Json,Encryption,我有一个函数,它要求我将一个加密的JSON实例发送到PHP服务器进行验证。我在尝试启动整个流程并运行时遇到了一个问题,为了找出问题所在,我头脑混乱 -(void) sendData:(NSString*)theweb{ //preparing sample json NSMutableDictionary * dict = [[NSMutableDictionary alloc]init]; [dict setObject:@"
-(void) sendData:(NSString*)theweb{
//preparing sample json
NSMutableDictionary * dict = [[NSMutableDictionary alloc]init];
[dict setObject:@"test" forKey:@"example"];
[dict setObject:@"1" forKey:@"p"];
[dict setObject:@"yourPostMessage" forKey:@"test"];
[dict setObject:@"isNotReal" forKey:@"this"];
//json creation
NSData* data2 = [JSONBuilder toJSON:dict];
NSString * jsonstring = [[NSString alloc]initWithData:data2 encoding:NSUTF8StringEncoding];
//creating a dummy sha256 hash for aes256 key.
NSString * string3 = [self sha256HashFor:@"hello"];
//trimming hash to 32 character key.
string3 = [string3 substringToIndex:32];
//encrypting data to aes256
data2 = [data2 AES256EncryptWithKey:string3];
NSString * b64= [data2 base64EncodedString];
NSString *post = [NSString stringWithFormat:@"theRealData=%@",b64];
NSData *postData = [post dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:NO];
requestObj = nil;
//NSMutableRequest
requestObj = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:theweb]];
NSString *postLength = [NSString stringWithFormat:@"%d", [postData length]];
[requestObj setValue:@"application/x-www-form-urlencoded;charset=charset=us-ascii" forHTTPHeaderField:@"Content-Type"];
[requestObj setValue:postLength forHTTPHeaderField:@"Content-Length"];
[requestObj setHTTPMethod:@"POST"];
[requestObj setHTTPBody:postData];
//calling a new NSURLConnection
conn = nil;
conn = [NSURLConnection connectionWithRequest:requestObj delegate:self];
[conn start];
}
此函数中使用的方法如下:
+(NSData*)toJSON :(NSMutableDictionary*)dictionary
{
NSError* error = nil;
id result = [NSJSONSerialization dataWithJSONObject:dictionary options:kNilOptions error:&error];
if (error != nil) return nil;
return result;
}
-(NSString*)sha256HashFor:(NSString*)input
{
const char* str = [input UTF8String];
unsigned char result[CC_SHA256_DIGEST_LENGTH];
CC_SHA256(str, strlen(str), result);
NSMutableString *ret = [NSMutableString stringWithCapacity:CC_SHA256_DIGEST_LENGTH*2];
for(int i = 0; i<CC_SHA256_DIGEST_LENGTH; i++)
{
[ret appendFormat:@"%02x",result[i]];
}
return ret;
}
- (NSData *)AES256EncryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
以下是我的发现:
Output of Base64 string(Gotten on both sides):
UalnWmRiMQv8z4mEm+6B3HFSbiDwWcK1LYPhk6jDq+DiwYzvxqoZuDnlJUAjWbX6sQepiL8fb8/JQ0NXhQocglIcJN759AbpVSsbiXmwL78=
Output of vardump on base64_decode on PHP side:
BOOL(false)
Output of vardump on $result: none
不知何故,我觉得问题在于编码。有人能在这方面指导我吗?我不知所措。在您的PHP代码中:
$result = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($data), 'ecb');
在您的iOS代码中:
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
需要明确的是,kCCOptionPKCS7Padding
是CBC模式标志,而不是ECB模式标志
我认为这里有两个bug:
urlencode()
(或等效文件),以防止+
成为空格字符hash_equals()
将其与给定的HMAC进行比较。如果失败,抛出异常或者,您可能希望切换到或进行加密,并将PHP更新为7.2+,并使用
Na钠*
函数进行解密。IOS中的AES256和PHP中的Rijndael128-但是为什么?您的+
字符是否被编码为空格字符(``)?在将数据发送到PHP时,您可能会成为URL编码的受害者。
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);