AESCrypt加密/解密从PHP到iOS

Question

我需要转换在我们的服务器端加密/解密方法如下，请检查下面的代码

------------------------------------------------------------------------------------------------------------------------------------- 
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC); 
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); 
$key = "a16byteslongkey!"; 
$plaintext = "iphone"; 
$ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $plaintext, MCRYPT_MODE_CBC, $iv); 


$ciphertext = base64_encode($ciphertext); 
echo "ciphertext: ".$ciphertext."<br/>"; 

$ciphertextinput = base64_decode($ciphertext); 
$cipherdetext = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $ciphertextinput, MCRYPT_MODE_CBC, $iv); 
echo "decryptText:".$cipherdetext."<br/>"; 

我使用AES 256加密尝试，但它提供了不同的结果，

加密

- (NSData *)AES256EncryptWithKey:(NSString *)key { 
// 'key' should be 32 bytes for AES256, will be null-padded otherwise 
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) 
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) 

// fetch key data 
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; 

NSUInteger dataLength = [self length]; 

//See the doc: For block ciphers, the output size will always be less than or 
//equal to the input size plus the size of one block. 
//That's why we need to add the size of one block here 
size_t bufferSize = dataLength + kCCBlockSizeAES128; 
void *buffer = malloc(bufferSize); 

size_t numBytesEncrypted = 0; 
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, 
             keyPtr, kCCKeySizeAES256, 
             NULL /* initialization vector (optional) */, 
             [self bytes], dataLength, /* input */ 
             buffer, bufferSize, /* output */ 
             &numBytesEncrypted); 
if (cryptStatus == kCCSuccess) { 
    //the returned NSData takes ownership of the buffer and will free it on deallocation 
    return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; 
} 

free(buffer); //free the buffer; 
return nil;} 

解密

- (NSData *)AES256DecryptWithKey:(NSString *)key { 
// 'key' should be 32 bytes for AES256, will be null-padded otherwise 
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) 
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) 

// fetch key data 
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; 

char ivPtr = ""; 

NSUInteger dataLength = [self length]; 


//See the doc: For block ciphers, the output size will always be less than or 
//equal to the input size plus the size of one block. 
//That's why we need to add the size of one block here 
size_t bufferSize = dataLength + kCCBlockSizeAES128; 
void *buffer = malloc(bufferSize); 

size_t numBytesDecrypted = 0; 
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, 
             keyPtr, kCCKeySizeAES256, 
             NULL /* initialization vector (optional) */, 
             [self bytes], dataLength, /* input */ 
             buffer, bufferSize, /* output */ 
             &numBytesDecrypted); 

if (cryptStatus == kCCSuccess) { 
    //the returned NSData takes ownership of the buffer and will free it on deallocation 
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; 
} 

free(buffer); //free the buffer; 
return nil;} 

OriginalText：iphone

密文：SXNepKfh0IrlDDdkq4EdmQ ==

请告诉我错在这里，请给从PHP解密加密文本的一些建议。如何从base 64编码字符串得到确切的“iphone”字符串SXNepKfh0IrlDDdkq4EdmQ ==

另外，请让我知道如何在AES加密中使用ECB模式。

谢谢！

Answer 1

问题：

`mcrypt的使用非标准空数据填充，iOS的代码使用PKCS＃7填充。

的修复，三种选择：

1. 使用PKCS＃7填充，mcrypt的7填充添加PKCS＃加密之前和解密之后将其删除。 （推荐）

或

用NULL填充，公共的密码不指定kCCOptionPKCS7Padding，空填充加密之前添加和解密之后除去。 （不推荐）

或

它最好不要用的mcrypt，它是放弃的，并没有在年被更新，并且不支持标准PKCS＃7 （néePKCS＃5）填充，只有非标准的null填充甚至不能用于二进制数据。 mcrypt有许多优秀的bugs追溯到2003年。不推荐使用mcrypt扩展名将在PHP 7.2中删除。请考虑使用defuse或RNCryptor，他们提供了一个完整的解决方案，并且正在维护和正确。