Google App Engine (Python) 中的 AES 加密和 iOS (Objective-C) 上的解密

发布于 2024-12-25 00:57:25 字数 4612 浏览 2 评论 0原文

我正在尝试加密来自 python (Google App Engine) 的一些数据，然后在 iOS 上解密。

由于 AES 加密有如此多的选项以及 Python 和 Objective-C 中可用的不同格式，因此存在几个与此相关的问题。

由于 Google App Engine 上 PyCrypto 库的可用性有限，并且 iOS/Objective-C 端的 AES 代码需要 PKCS7Padding，因此我决定在 python 端使用 SlowAES。

我还使用 16 位密钥、CBC 模式和 PKCS7Padding。

鉴于此，这是我的加密函数和辅助变量/函数：

def str2nums(s):
    return map(ord, s)

key = "hjt4mndfy234n5fs"
moo = aes.AESModeOfOperation()
iv = [12, 34, 96, 15] * 4
CBC_mode = moo.modeOfOperation['CBC']
nkey = str2nums(key)


def encrypt(plaintext):
  funcName = inspect.stack()[0][3]
  logging.debug("Enter " + funcName)
  logging.debug("Input string: " + plaintext)
  m, s, encData = moo.encrypt(plaintext, CBC_mode, nkey, len(nkey), iv)
  fmt = len(encData)*'B'
  dataAsStr = ""
  for j in encData:
        dataAsStr = dataAsStr + str(j) + ","
  logging.debug("Output encrypted data:[" + dataAsStr + "]")
  encoded = base64.b64encode(struct.pack(fmt, *encData))
  logging.debug("Output encrypted string: " + encoded)
  decoded = struct.unpack(fmt, base64.b64decode(encoded))
  decrypted = moo.decrypt(decoded, s, CBC_mode, nkey, len(nkey), iv)
  logging.debug("Output decrypted back: " + decrypted)
  return encoded

请注意，在 Python 端，我对数据进行加密、打包，然后进行 Base64 编码。在返回此加密数据之前，我还在解密它时进行了测试运行，只是为了在日志中显示它确实有效。

在 iOS 端，我使用以下 AES NSData 添加：

- (NSData *)AES128DecryptWithKey:(NSString *)key {
    // 'key' should be 16 bytes for AES128, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES128+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)

    // fetch key data
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSASCIIStringEncoding];

    NSUInteger dataLength = [self length];

    //See the doc: For block ciphers, the output size will always be less than or 
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesDecrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                          keyPtr, kCCKeySizeAES128,
                                          NULL /* initialization vector (optional) */,
                                          [self bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesDecrypted);

    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    }

    free(buffer); //free the buffer;
    return nil;
}

当我像这样拉下 base64/打包/加密数据时，我正在使用它：

NSMutableString * result = [[NSMutableString alloc] initWithData:receivedData encoding:NSUTF8StringEncoding];
if (LOG) { NSLog(@"Base64 encoded / Encrypted string: %@", result); }

NSData* encryptedData = [NSData decodeBase64ForString:result]; // base64 decode

if (LOG) { NSLog(@"Encrypted string: %@", encryptedData); }

NSData* decryptedData = [encryptedData AES128DecryptWithKey:@"hjt4mndfy234n5fs"]; // AES Decrypt

问题是，我似乎无法获取数据即使它在服务器（在Python中）上解密得很好，也可以在客户端（iOS）上正确解密。

在解密过程中， cryptStatus 总是以： kCCAlignmentError. 结束，我不太明白。

我也搞乱了 AES 256，但我认为我需要一个 32 位密钥，这似乎不是 CBC 模式下的 SlowAES 的一个选项（至少根据示例？）。

服务器的日志记录（请注意，实际的未加密数据只是一个空集 [] 。这是返回给客户端的 JSON 表示形式。

2012-01-04 08:48:13.962
Enter encrypt
D 2012-01-04 08:48:13.962
Input string: []
D 2012-01-04 08:48:13.967
Output encrypted data:[4,254,226,26,101,240,22,113,44,54,209,203,233,64,208,255,]
D 2012-01-04 08:48:13.967
Output encrypted string: BP7iGmXwFnEsNtHL6UDQ/w==
D 2012-01-04 08:48:13.971
Output decrypted back: []

客户端的日志记录（iOS）：

2012-01-04 12:45:13.891 Base64 encoded / Encrypted string: BP7iGmXwFnEsNtHL6UDQ/w==
2012-01-04 12:45:13.892 Encrypted string: <04fee21a 65f01671 2c36d1cb e940d0ff>
2012-01-04 12:45:29.126 Decrypted string:

所以我的问题是：

“ ”是什么意思？对齐错误”？或者我做错了什么，它不想在客户端解密？
考虑到它看起来匹配得很好，我是否需要担心解压数据？如果是这样，我该怎么办去约一个C 或 Objective-C 中的 unpack() 函数
是否有更好的方法在 Google App Engine 和 iOS 之间进行 AES 加密？

编辑：我还应该注意，除了使用相同的初始化向量的答案之外，我发现了一个差异在 python 和 iOS 代码之间进行填充时，加密/解密对于少量数据工作正常，但后来我遇到了无法解密较大数据的情况，我通过将 iOS 端更改为不使用 PKCS7Padding 并将 0 放在那里来解决这个问题。。

原文

I'm trying to encrypt some data from python (Google App Engine) and then decrypt it on iOS.

There are several issues surrounding this based on the fact that there are so many options with AES Encryption and the different formats available in Python and Objective-C.

Because of the limited availability of the PyCrypto libraries on Google App Engine and the AES code on the iOS/Objective-C side requiring PKCS7Padding, I decided to use slowAES on the python side.

I'm also using a 16-bit key, CBC Mode, and PKCS7Padding.

Given that, this is my encrypt function and helper variables/function:

def str2nums(s):
    return map(ord, s)

key = "hjt4mndfy234n5fs"
moo = aes.AESModeOfOperation()
iv = [12, 34, 96, 15] * 4
CBC_mode = moo.modeOfOperation['CBC']
nkey = str2nums(key)


def encrypt(plaintext):
  funcName = inspect.stack()[0][3]
  logging.debug("Enter " + funcName)
  logging.debug("Input string: " + plaintext)
  m, s, encData = moo.encrypt(plaintext, CBC_mode, nkey, len(nkey), iv)
  fmt = len(encData)*'B'
  dataAsStr = ""
  for j in encData:
        dataAsStr = dataAsStr + str(j) + ","
  logging.debug("Output encrypted data:[" + dataAsStr + "]")
  encoded = base64.b64encode(struct.pack(fmt, *encData))
  logging.debug("Output encrypted string: " + encoded)
  decoded = struct.unpack(fmt, base64.b64decode(encoded))
  decrypted = moo.decrypt(decoded, s, CBC_mode, nkey, len(nkey), iv)
  logging.debug("Output decrypted back: " + decrypted)
  return encoded

Note that on the Python side, I am encrypting, packing, and then base64 encoding the data. Before returning this encrypted data, I'm also doing a test run at decrypting it just to show that in the logs and it does indeed work.

On the iOS side, I'm using the following AES NSData addition:

- (NSData *)AES128DecryptWithKey:(NSString *)key {
    // 'key' should be 16 bytes for AES128, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES128+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)

    // fetch key data
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSASCIIStringEncoding];

    NSUInteger dataLength = [self length];

    //See the doc: For block ciphers, the output size will always be less than or 
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);

    size_t numBytesDecrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                          keyPtr, kCCKeySizeAES128,
                                          NULL /* initialization vector (optional) */,
                                          [self bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesDecrypted);

    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    }

    free(buffer); //free the buffer;
    return nil;
}

And I'm making use of this when I pull down the base64/packed/encrypted data like so:

NSMutableString * result = [[NSMutableString alloc] initWithData:receivedData encoding:NSUTF8StringEncoding];
if (LOG) { NSLog(@"Base64 encoded / Encrypted string: %@", result); }

NSData* encryptedData = [NSData decodeBase64ForString:result]; // base64 decode

if (LOG) { NSLog(@"Encrypted string: %@", encryptedData); }

NSData* decryptedData = [encryptedData AES128DecryptWithKey:@"hjt4mndfy234n5fs"]; // AES Decrypt

The problem is, I can't seem to get the data to decrypt correctly on the client (iOS) side even though it decrypts just fine on the server (in python).

During the decryption, the cryptStatus always ends up : kCCAlignmentError. Which I don't quite understand.

I've also messed with AES 256 but I need a 32bit key I think and that doesn't seem to be an option for slowAES in CBC mode (at least according to the examples?).

Logging of the Server (Notice the actual unencrypted data is merely an empty set [] . That's a JSON representation of such to return to the client.

2012-01-04 08:48:13.962
Enter encrypt
D 2012-01-04 08:48:13.962
Input string: []
D 2012-01-04 08:48:13.967
Output encrypted data:[4,254,226,26,101,240,22,113,44,54,209,203,233,64,208,255,]
D 2012-01-04 08:48:13.967
Output encrypted string: BP7iGmXwFnEsNtHL6UDQ/w==
D 2012-01-04 08:48:13.971
Output decrypted back: []

Logging of the client (iOS):

2012-01-04 12:45:13.891 Base64 encoded / Encrypted string: BP7iGmXwFnEsNtHL6UDQ/w==
2012-01-04 12:45:13.892 Encrypted string: <04fee21a 65f01671 2c36d1cb e940d0ff>
2012-01-04 12:45:29.126 Decrypted string:

So my questions are:

What does it mean by an "Alignment Error"? Or what am I doing wrong that it doesn't want to decrypt on the client?
Do I need to worry about unpacking the data at all considering it looks like it matches up just fine? And if so, how would I go about an unpack() function in C or Objective-C?
Is there just plain a better way to do AES encryption between Google App Engine and iOS?

EDIT: I should also note that besides the answer of using the same Initialization Vector, I found a discrepancy between the python and iOS code for the padding. The encrypt/decrypt worked fine for small amounts of data but then I ran into failure to decrypt with larger ones. I fixed this by changing the iOS side to NOT use PKCS7Padding and put 0 there instead.

分享到QQ

分享到微博