无法使用base64String解密CryptoSwift

Question

用于加密“秘密”的字符串

加密后“64c2VjcmV 0”

这是正确工作的代码。

    let inputNSData: NSData = input.dataUsingEncoding(NSUTF8StringEncoding)!
    let inputBytes: [UInt8] = inputNSData.arrayOfBytes()
    let key: [UInt8] = self.generateArray("secret0key000000") //16
    let iv: [UInt8] = self.generateArray("0000000000000000")  //16
    do {
        let encrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).encrypt(inputBytes, padding: PKCS7())    
        let decrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(encrypted, padding: PKCS7())   
        let decryptNsData: NSData = NSData(bytes: decrypted, length: decrypted.count)     
        let c = decryptNsData.base64EncodedStringWithOptions(NSDataBase64EncodingOptions.Encoding64CharacterLineLength)
        let decryptedString: String = NSString(data: decryptNsData, encoding: NSUTF8StringEncoding) as! String
        print("String after decryption\t\(decryptedString)")
    } catch {
        // some error
    }

但是我无法通过使用相同的密钥解密，而iv我得到了致命的错误:意外地在打开加密字符串的可选值时发现为零。

    let key: [UInt8] = self.generateArray("secret0key000000") //16
    let iv: [UInt8] = self.generateArray("0000000000000000")  //16
    let input: String = "64c2VjcmV0"

    var encryptedStrData = NSData(base64EncodedString: input, options: NSDataBase64DecodingOptions())!
    let inputBytes: [UInt8] = encryptedStrData.arrayOfBytes()
    print("String in uint8\(inputBytes)")
    //var keyData = keyStr.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
    //var ivData:NSData = ivStr.dataUsingEncoding(NSUTF8StringEncoding, allowLossyConversion: false)!
    do{
    let decryptedTryData = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(inputBytes)
        print(decryptedTryData)
    }
    catch{

    }

我正在收到致命错误:在为加密字符串展开可选值时意外地发现为零。

Answer 1

当没有必要时，您使用的是Base64，只有Base64编码非字符串数据。

下面是第一个测试代码：

let inputBytes: [UInt8] = Array("secret".utf8)
let key:        [UInt8] = Array("secret0key000000".utf8) //16
let iv:         [UInt8] = Array("0000000000000000".utf8)  //16

var encryptedBase64 = ""
do {
    let encrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).encrypt(inputBytes, padding: PKCS7())
    let encryptedNSData = NSData(bytes: encrypted, length: encrypted.count)
    encryptedBase64 = encryptedNSData.base64EncodedStringWithOptions([])

    let decrypted: [UInt8] = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(encrypted, padding: PKCS7())
    let result = String(bytes: decrypted, encoding: NSUTF8StringEncoding)!
    print("result\t\(result )")
} catch {
    // some error
}
print("encryptedBase64: \(encryptedBase64)")

输出：

结果:秘密 encryptedBase64: 0OCxa0yJszq9MvkrWjn3wg==

let encryptedData = NSData(base64EncodedString: encryptedBase64, options:[])!
print("decodedData: \(encryptedData)")
let encrypted = Array(UnsafeBufferPointer(start: UnsafePointer<UInt8>(encryptedData.bytes), count: encryptedData.length))

do {
    let decryptedData = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(encrypted)
    let decryptedString = String(bytes: decryptedData, encoding: NSUTF8StringEncoding)!
    print("decryptedString: \(decryptedString)")

}
catch{
    // some error
}

输出：

decryptedString:秘密

备注：

不要使用CryptoSwift，它不使用内置加密硬件，比苹果Security.framework通用密码慢400到1000倍。它也不是很好的审查和使用未经认证的加密代码。

不要直接使用字符串作为密钥，它是不安全的。相反，使用PBKDK2 (基于密码的密钥派生函数)从字符串派生密钥。

Answer 2

Base64字符串必须被4整除。您的字符串不能被4除。您可以使用网站(如https://www.base64decode.org )来测试字符串。

Answer 3

对于Swift3 (为了避免UnsafePointer错误)，这对于第二部分(解码base64变量)是有效的：

let encryptedData = NSData(base64Encoded: encryptedBase64, options:[])!
print("decodedData: \(encryptedData)")

let count = encryptedData.length / MemoryLayout<UInt8>.size

// create an array of Uint8
var encrypted = [UInt8](repeating: 0, count: count)
// copy bytes into array
encryptedData.getBytes(&encrypted, length:count * MemoryLayout<UInt8>.size)

do {
    let decryptedData = try AES(key: key, iv: iv, blockMode: .CBC).decrypt(encrypted)
    let decryptedString = String(bytes: decryptedData, encoding: String.Encoding.utf8)!
    print("decryptedString: \(decryptedString)")

}
catch{
    // some error
}