Xcode中的AES128加密和PHP中的解密成功与否取决于密钥值

Question

1. 我按照https://tharindufit.wordpress.com/2011/12/15/aes128-encryption-in-ios-and-decryption-in-php/中的步骤进行操作，以开发Xcode中的客户端加密和PHP中的服务器解密。

2. 我在https://asecuritysite.com/encryption/keygen生成了aes-128-ecb密钥。

3. 我的问题是：

如果将密钥设置为类似于“ key”的短字符串，则PHP解密将起作用； 但是，如果我使用上述网站生成的密钥“ D3C3794A79ADBDFD256645D59F01E2BD”，则无法执行PHP解密。

这是为什么？？

我的确切代码如下。

Xcode的客户端：

#import "ViewController.h"
#import "NSString+AESCrypt.h"

static NSString *const KEY = @"D3C3794A79ADBDFD256645D59F01E2BD";

@interface ViewController (){
    NSString *rawPassword;
    NSMutableData *receivedData;
}

@end

@implementation ViewController

- (void)viewDidLoad {
    [super viewDidLoad];
} 
- (IBAction)send:(UIButton *)sender {
    rawPassword = @"passwordHere";
    [self sendRequest];
}

- (void) sendRequest {
    NSString *rawUserid = @"useridHere";

    // Encrypt with key
    NSString *encoded_usr = [rawUserid AES128EncryptWithKey: KEY];
    NSString *encoded_pwd = [rawPassword AES128EncryptWithKey: KEY];

    NSString *parameter = [NSString stringWithFormat:
              @"userid=%@&password=%@",encoded_usr, encoded_pwd];

    NSLog(@"sending:%@", parameter);
    NSData *parameterData = [parameter dataUsingEncoding:NSUTF8StringEncoding];

    NSURL *url = [NSURL URLWithString: @"http://mywebsite.com/server.php"];
    NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url];
    [request setHTTPBody:parameterData];

    [request setHTTPMethod:@"POST"];
    [request addValue: @"application/x-www-form-urlencoded; charset=utf-8"  forHTTPHeaderField:@"Content-Type"];
    NSURLConnection *connection = [[NSURLConnection alloc]initWithRequest:request delegate:self];


    if(connection){
        receivedData = [[NSMutableData alloc]init];
        NSLog(@"CONNECTING");
    } else {
        NSLog(@"NO CONNECTING");
    }
}

#pragma mark NSURLConnection delegates
-(void) connection:(NSURLConnection *)connection didReceiveResponse:(NSURLResponse *)response
{
    [receivedData setLength:0];
}
-(void) connection:(NSURLConnection *)connection didReceiveData:(NSData *)data
{
    [receivedData appendData:data];
}
-(void) connection:(NSURLConnection *)connection didFailWithError:(NSError *)error
{
    NSLog(@"CONNECTION FAILED");
    return;
 }
-(void) connectionDidFinishLoading:(NSURLConnection *)connection
 {
    NSString* newStr = [[NSString alloc] initWithData:receivedData encoding:NSUTF8StringEncoding];
    NSLog(@"connectionDidFinishLoading:%@", newStr);
 }
 @end

服务器端PHP：

<?php

$encoded_pwd = $_POST['password'];
$encoded_usr = $_POST['userid'];
$device      = $_POST['device'];

$decoded_pwd = decrypt_password( $encoded_pwd , "D3C3794A79ADBDFD256645D59F01E2BD");
$decoded_usr = decrypt_password( $encoded_usr , "D3C3794A79ADBDFD256645D59F01E2BD");

echo "decoded userid:".$decoded_usr."  decoded password:".$decoded_pwd;

function decrypt_password($pass,$key)
{
 $base64encoded_ciphertext = $pass;

 $res_non = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, base64_decode($base64encoded_ciphertext), MCRYPT_MODE_ECB);

 $decrypted = $res_non;
 $dec_s2 = strlen($decrypted);

 $padding = ord($decrypted[$dec_s2-1]);
 $decrypted = substr($decrypted, 0, -$padding);

 return  $decrypted;
}
?>

Answer 1

由于您使用的是AES-128，因此密钥应为128位（即16个字节/字符）。 您链接到的Objective-C代码说得足够多（ // 'key' should be 16 bytes for AES128 ），并且还会填充较短的密钥以使其具有适当的长度（ // fill with zeroes (for padding) ）。

因此，大于128位的密钥会导致出现问题。 并且期望少于128位的密钥也可以工作（通过用零填充将密钥增加到128位）。

您正在使用的密钥生成站点为AES-128 ECB生成16个字符的密钥...但是以十六进制显示它们（即每个密钥字符2个十六进制数字=> 32个十六进制数字），这就是为什么它们显示为32-“字符”键。