I want to create an iOS mobile application which is to communicate with my Node.js web application. In order to encrypt the data being sent from the mobile device to the web application I've decided to use AES 256 encryption and then converting to base64. The problem is that all the Objective-C libraries that I found do not have the same output (for the same password and input text) as the Node.js ones. I really don't know what to do...
我想创建一个iOS移动应用程序,它与我的Node.js Web应用程序进行通信。为了加密从移动设备发送到Web应用程序的数据,我决定使用AES 256加密,然后转换为base64。问题是我找到的所有Objective-C库都没有与Node.js相同的输出(对于相同的密码和输入文本)。我真的不知道该怎么办......
Here are some of the iOS libraries:
以下是一些iOS库:
- FBEncryptor
- AESCrypt
- also here is quite a nice example
这里也是一个很好的例子
Also, for the Node.js platform I tried these libraries:
另外,对于Node.js平台,我尝试了这些库:
- all these four libraries
-
based on this example I've constructed mine:
基于这个例子,我构建了我的:
var crypto = require('crypto'); var key = "onceuponatime"; var toCrypt = "Hello World!"; var output = ''; var decrypted = ''; var cipher = crypto.createCipher('aes256', key); output += cipher.update(toCrypt, 'utf-8', 'base64'); output += cipher.final('base64'); console.log(output); var deCipher = crypto.createDecipher('aes256', key); decrypted += deCipher.update(output,'base64','utf-8'); decrypted += deCipher.final('utf-8'); console.log(decrypted);
所有这四个图书馆
Using FBEncryptor and my Node.js example I get the following encryped base64 strings for the input I've provided : 7TsBLBvS6A1iByn9OTkzWA== and mZ9cf4oklVN2ZnD0oQ0Tjw==. Could you help me finding a solution where I would get the same encrypted string both on iOS and on Node.js? Thanks.
使用FBEncryptor和我的Node.js示例,我为我提供的输入获得了以下加密的base64字符串:7TsBLBvS6A1iByn9OTkzWA ==和mZ9cf4oklVN2ZnD0oQ0Tjw ==。你能帮我找到一个解决方案,我会在iOS和Node.js上得到相同的加密字符串吗?谢谢。
1 个解决方案
#1
8
If you look at the source code for FBEncryptor, you'll see that it creates a 32-byte zero-filled buffer for the key and a 16-byte zero-filled buffer for the IV. The key is then copied into the key buffer. The IV buffer is untouched. In order to produce the same output via Node.js, we need to replicate what is happening inside FBEncryptor.
如果查看FBEncryptor的源代码,您将看到它为密钥创建了一个32字节的零填充缓冲区,为IV创建了一个16字节的零填充缓冲区。然后将密钥复制到密钥缓冲区中。 IV缓冲区不受影响。为了通过Node.js生成相同的输出,我们需要复制FBEncryptor中发生的事情。
Instead of using crypto.createCipher, you'll need to use crypto.createCipheriv and supply the IV. Same goes for crypto.createDecipher.
您不需要使用crypto.createCipher,而是需要使用crypto.createCipheriv并提供IV。 crypto.createDecipher也是如此。
So let's walkthrough the node.js code:
那么让我们来看看node.js代码:
var crypto = require('crypto');
var key = "onceuponatime";
var toCrypt = "Hello World!";
This is unchanged from your original script. We simply import the crypto module and set up the encryption key and the string to be encrypted.
这与原始脚本相同。我们只需导入加密模块并设置加密密钥和要加密的字符串。
// Create the 32-byte zero-filled key buffer
keyBuf = new Buffer(Array(32));
// Copy the key into this buffer
keyBuf.write(key, 'utf8');
// Create the 16-byte zero-filled IV buffer
ivBuf = new Buffer(Array(16));
Here we create the key and IV buffers that we'll use to encrypt toCrypt.
在这里,我们创建了用于加密toCrypt的密钥和IV缓冲区。
var cipher = crypto.createCipheriv('aes256', keyBuf, ivBuf);
output = cipher.update(toCrypt, 'utf-8', 'base64') + cipher.final('base64');
console.log(output);
Next, we set up the cipher with the key and IV buffers and encrypt toCrypt. This produces 7TsBLBvS6A1iByn9OTkzWA== which is the same as FBEncryptor.
接下来,我们使用密钥和IV缓冲区设置密码并加密到Crypt。这产生7TsBLBvS6A1iByn9OTkzWA ==这与FBEncryptor相同。
var deCipher = crypto.createDecipheriv('aes256', keyBuf, ivBuf);
decrypted = deCipher.update(output,'base64','utf-8') + deCipher.final('utf-8');
console.log(decrypted);
Here we set up the decipher with the key and IV buffers and decrypt the encrypted string. This produces the output Hello World!.
在这里,我们使用密钥和IV缓冲区设置解密并解密加密的字符串。这会产生输出Hello World!。
#1
8
If you look at the source code for FBEncryptor, you'll see that it creates a 32-byte zero-filled buffer for the key and a 16-byte zero-filled buffer for the IV. The key is then copied into the key buffer. The IV buffer is untouched. In order to produce the same output via Node.js, we need to replicate what is happening inside FBEncryptor.
如果查看FBEncryptor的源代码,您将看到它为密钥创建了一个32字节的零填充缓冲区,为IV创建了一个16字节的零填充缓冲区。然后将密钥复制到密钥缓冲区中。 IV缓冲区不受影响。为了通过Node.js生成相同的输出,我们需要复制FBEncryptor中发生的事情。
Instead of using crypto.createCipher, you'll need to use crypto.createCipheriv and supply the IV. Same goes for crypto.createDecipher.
您不需要使用crypto.createCipher,而是需要使用crypto.createCipheriv并提供IV。 crypto.createDecipher也是如此。
So let's walkthrough the node.js code:
那么让我们来看看node.js代码:
var crypto = require('crypto');
var key = "onceuponatime";
var toCrypt = "Hello World!";
This is unchanged from your original script. We simply import the crypto module and set up the encryption key and the string to be encrypted.
这与原始脚本相同。我们只需导入加密模块并设置加密密钥和要加密的字符串。
// Create the 32-byte zero-filled key buffer
keyBuf = new Buffer(Array(32));
// Copy the key into this buffer
keyBuf.write(key, 'utf8');
// Create the 16-byte zero-filled IV buffer
ivBuf = new Buffer(Array(16));
Here we create the key and IV buffers that we'll use to encrypt toCrypt.
在这里,我们创建了用于加密toCrypt的密钥和IV缓冲区。
var cipher = crypto.createCipheriv('aes256', keyBuf, ivBuf);
output = cipher.update(toCrypt, 'utf-8', 'base64') + cipher.final('base64');
console.log(output);
Next, we set up the cipher with the key and IV buffers and encrypt toCrypt. This produces 7TsBLBvS6A1iByn9OTkzWA== which is the same as FBEncryptor.
接下来,我们使用密钥和IV缓冲区设置密码并加密到Crypt。这产生7TsBLBvS6A1iByn9OTkzWA ==这与FBEncryptor相同。
var deCipher = crypto.createDecipheriv('aes256', keyBuf, ivBuf);
decrypted = deCipher.update(output,'base64','utf-8') + deCipher.final('utf-8');
console.log(decrypted);
Here we set up the decipher with the key and IV buffers and decrypt the encrypted string. This produces the output Hello World!.
在这里,我们使用密钥和IV缓冲区设置解密并解密加密的字符串。这会产生输出Hello World!。