[英]Password-based encryption for Android and iOS
I am working on an IM app that has a native Android and a native iOS implementation. 我正在使用具有本机Android和本机iOS实现的IM应用程序。 One of the required features is being able to encrypt messages by entering an ordinary password string. 所需的功能之一是能够通过输入普通的密码字符串来加密消息。 These messages must then be decrypted by entering this password. 然后必须通过输入此密码来解密这些消息。 I was also told to "use AES". 还告诉我“使用AES”。
My plan, which I have tried with near-success, is to take the password string, salt it with some context info that I know will never change, and generate a fixed-length key using something like MD5. 我的尝试几乎成功的计划是获取密码字符串,并添加一些我知道永远不会更改的上下文信息,然后使用MD5之类的方法生成固定长度的密钥。 I know this isn't super secure. 我知道这不是超级安全。
To decrypt, I repeat above, and I get the same key. 若要解密,请重复上述步骤,然后获得相同的密钥。 Then, I decrypt the data with that key, and get the original data back. 然后,我使用该密钥解密数据,并取回原始数据。
I got this to work on Android and iOS, but they cannot decrypt each other's data, which tells me there might be implementation differences that I can't see and that I can't change. 我可以在Android和iOS上使用它,但是它们无法解密彼此的数据,这告诉我可能存在实现差异,这些差异我看不见,也无法更改。 The first 16 bytes of the AES128-encrypted data on both platforms are always the same, but after that, they are completely different. 两个平台上的AES128加密数据的前16个字节始终相同,但此后它们是完全不同的。 What can I check for? 我可以检查什么?
To be ultra-clear, the user experience is to be identical to that of sharing a zip file with a password. 明确地说,用户体验应与共享带密码的zip文件的体验相同。 The user enters the password, at any time, from any device, and BAM, they get the unencrypted data. 用户可以随时从任何设备和BAM输入密码,他们会获得未加密的数据。 Sharing keyfiles or any of that stuff is NOT part of this. 共享密钥文件或任何其他内容不属于其中。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.