3DES encryption different on iPhone and server

2019-06-27 08:51发布

问题:

I have the following code for encrypting the request i am sending to my server. The decoding on the server is done by .NET and on the iPhone, I am using the security framework with the following code.

- (NSString*) doCipher:(NSString*)plainText:(CCOperation)encryptOrDecrypt {

const void *vplainText;
size_t plainTextBufferSize;

if (encryptOrDecrypt == kCCDecrypt)
{
    NSData *EncryptData = [[NSData alloc] initWithBase64EncodedString:plainText];
    plainTextBufferSize = [EncryptData length];
    vplainText = [EncryptData bytes];
}
else
{
    plainTextBufferSize = [plainText length];
    vplainText = (const void *) [plainText UTF8String];
}

CCCryptorStatus ccStatus;
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t movedBytes = 0;
// uint8_t iv[kCCBlockSize3DES];

uint8_t iv[kCCBlockSize3DES];
memset((void *) iv, 0x0, (size_t) sizeof(iv));

bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);
// memset((void *) iv, 0x0, (size_t) sizeof(iv));

NSString *key = @"D3v3lop_4pp13_f0r_M4z4Y4";
const void *vkey = (const void *) [key UTF8String];

ccStatus = CCCrypt(encryptOrDecrypt,
                   kCCAlgorithm3DES,
                   kCCOptionPKCS7Padding,
                   vkey, //"123456789012345678901234", //key
                   kCCKeySize3DES,
                   iv, //"init Vec", //iv,
                   vplainText, //"Your Name", //plainText,
                   plainTextBufferSize,
                   (void *)bufferPtr,
                   bufferPtrSize,
                   &movedBytes);
if (ccStatus == kCCSuccess) NSLog(@"SUCCESS");
else if (ccStatus == kCCParamError) return @"PARAM ERROR";
else if (ccStatus == kCCBufferTooSmall) return @"BUFFER TOO SMALL";
else if (ccStatus == kCCMemoryFailure) return @"MEMORY FAILURE";
else if (ccStatus == kCCAlignmentError) return @"ALIGNMENT";
else if (ccStatus == kCCDecodeError) return @"DECODE ERROR";
else if (ccStatus == kCCUnimplemented) return @"UNIMPLEMENTED";

NSString *result;

if (encryptOrDecrypt == kCCDecrypt)
{
    result = [[ [NSString alloc] initWithData: [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes] encoding:NSASCIIStringEncoding] autorelease];
}
else
{
    NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];
    result = [myData base64Encoding];   
}    
return result;
}    

The encryption on the server and the iPhone give the same result when the encrypted string is less than 8 characters! after that, it gives different results. I am a total beginner with this, is there any hint on where to look?

回答1:

Yes, your cipher modes and/or padding are different. Make sure you are using the same mode on both the server and client. For instance, in most cases CBC mode with PKCS#7 padding is a good choice.

Is there any particular reason you are using 3DES? It is significantly slower than AES (with slightly worse properties).