AES解密iOS

Question

我尝试使用AES解密来解密String消息。

- (NSData *)AES256DecryptWithKey:(NSString *)key andIV:(NSString*)iv{

// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero( keyPtr, sizeof( keyPtr ) ); // fill with zeroes (for padding)

// fetch key data
[key getCString:keyPtr maxLength:sizeof( keyPtr ) encoding:NSUTF8StringEncoding];

NSUInteger dataLength = [self length];

//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc( bufferSize );

size_t numBytesDecrypted = 0;

CCCryptorStatus cryptStatus = CCCrypt( kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                      keyPtr, kCCKeySizeAES256,
                                      //[iv cStringUsingEncoding:NSUTF8StringEncoding] /* initialization vector (optional) */,
                                      NULL,
                                      [self bytes], dataLength, /* input */
                                      buffer, bufferSize, /* output */
                                      &numBytesDecrypted );

if( cryptStatus == kCCSuccess )
{
    NSLog(@"CRYPTSTATUS %d",cryptStatus);

    //the returned NSData takes ownership of the buffer and will free it on deallocation
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];

}

NSLog(@"CRYPTSTATUS %d",cryptStatus);


free( buffer ); //free the buffer
return nil;

}

但是结果被截断了，有人建议吗？ 填充似乎有问题，但我不知道。 稍后将发送AES密钥（RSA加密）。

如果您能给我建议，那就太好了。

编辑：输入（base64编码）

NSData *keydata = [[NSData alloc]initWithBase64EncodedString:@"QUFBQUE5MThEOTMyOEJCQkJCQkJCODhFMTM3MURFREQ="];
NSString *key = [[NSString alloc]initWithData:keydata encoding:NSUTF8StringEncoding];

NSData *msgnormal = [[NSData alloc]initWithBase64EncodedString:@"oE4LOCjOfjPeggXsDbLQ4ko+57kdb/5EBUcmlTBvaaI="];
NSData *decrypted = [msgnormal AES256DecryptWithKey:key andIV:@""];

NSLog(@"DECRYPTED: %@",[[NSString alloc]initWithData:decrypted encoding:NSUTF8StringEncoding]);

Answer 1

输入也应填充到最近的块。 如果输入在块边界处结束，则实际上您仍会添加整个其他块，以便始终具有填充（稍后将删除）。

您必须知道解密文本的结尾在哪里以及填充的开始位置。 通常，这是通过诸如PKCS7之类的填充来处理的。 由于您将知道填充的字节数，因此以后很容易剥离。