dougao9864 2019-09-12 05:31
浏览 221
已采纳

swift API SecKeyCreateEncryptedData使用的其他经过身份验证的数据是什么?

I am using rsaEncryptionOAEPSHA256AESGCM to encrypt some data using SecKeyCreateEncryptedData on iOS and then decrypting the same data on backend in golang. I am using a 3072 bit rsa public key to encrypt the symmetric key. When I get the data from iOS to backend, I am successfully able to decrypt the symmetric key but the gcm tag verification fails. I am using the same 16-byte IV that iOS uses but have no idea if iOS is using any aad(additional authentication data) when encrypting. Does anyone know if rsaEncryptionOAEPSHA256AESGCM for iOS uses some aad? This is for iOS 10+.

I have already tried using nil, empty 16 byte array, the aes key itself, nonce as the aad but none of these worked.

In Swift:

private let algorithm = SecKeyAlgorithm.rsaEncryptionOAEPSHA256AESGCM
// Key is 3072 bit RSA public key
// API doesnt take any aad
SecKeyCreateEncryptedData(key, algorithm, cfData, &error)

In Golang:

c, err := aes.NewCipher(aesKey)
gcm, err := cipher.NewGCMWithNonceSize(c, 16)
nonce := make([]byte, 16)
// Data has both the ciphertext and the gcm tag as the last 16 bytes
// Last field in the api is the aad
dec, err := gcm.Open(nil, nonce, data, nil)

This is the error I see in golang "cipher: message authentication failed" and the error is thrown from the code which validates the gcm tag.

  • 写回答

1条回答

      报告相同问题?

      相关推荐 更多相似问题

      悬赏问题

      • ¥15 layui upload.render 问题 有偿
      • ¥15 “with “is not allowed in strict mode
      • ¥15 ADS2020使用村田数据库仿真出错
      • ¥15 如何解决爬取网站不定时不返回数据
      • ¥20 有几个关于fpga的基础问题黑盒仿真,建立保持时间,和仿真覆盖理论。
      • ¥20 如何在NCBI上下载高通量的测序数据
      • ¥15 L型TFET的器件参数
      • ¥15 nacos启动失败,文件夹权限
      • ¥20 vb6.0窗体中的vscroll控件无法响应鼠标滚轮事件,请教方法
      • ¥15 如何在linux服务器做视频静态资源访问接口