常见的几种加密方法和实
常见的几种加密方法 :
MD5
SHA1
RSA
AES
DES
1、MD5加密 是HASH算法一种、 是生成32位的数字字母混合码。 MD5主要特点是 不可逆
MD5算法还具有以下性质:
1、压缩性:任意长度的数据,算出的MD5值长度都是固定的。
2、容易计算:从原数据计算出MD5值很容易。
3、抗修改性:对原数据进行任何改动,哪怕只修改1个字节,所得到的MD5值都有很大区别。
4、弱抗碰撞:已知原数据和其MD5值,想找到一个具有相同MD5值的数据(即伪造数据)是非常困难的。
5、强抗碰撞:想找到两个不同的数据,使它们具有相同的MD5值,是非常困难的。
具体代码
//输出小写
- (NSString *)lowerMD5:(NSString *)inPutText
{
//传入参数,转化成char
const char *cStr = [inPutText UTF8String];
//开辟一个16字节的空间
unsigned char result[CC_MD5_DIGEST_LENGTH];
/*
extern unsigned char * CC_MD5(const void *data, CC_LONG len, unsigned char *md)官方封装好的加密方法
把str字符串转换成了32位的16进制数列(这个过程不可逆转) 存储到了md这个空间中
*/
CC_MD5(cStr, (CC_LONG)strlen(cStr), result);
return [[NSString stringWithFormat:@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3],
result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11],
result[12], result[13], result[14], result[15]
] lowercaseString]; //大小写注意
}
//输出大写
- (NSString *)upperMD5:(NSString *)inPutText
{
//传入参数,转化成char
const char *cStr = [inPutText UTF8String];
//开辟一个16字节的空间
unsigned char result[CC_MD5_DIGEST_LENGTH];
/*
extern unsigned char * CC_MD5(const void *data, CC_LONG len, unsigned char *md)官方封装好的加密方法
把str字符串转换成了32位的16进制数列(这个过程不可逆转) 存储到了md这个空间中
*/
CC_MD5(cStr, (CC_LONG)strlen(cStr), result);
return [[NSString stringWithFormat:@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3],
result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11],
result[12], result[13], result[14], result[15]
] uppercaseString]; //大小写注意
}
调用 : 代码实现
NSLog(@"小写:%@",[self lowerMD5:@"123456"]);
NSLog(@"大写:%@",[self upperMD5:@"123456"]);
为了让MD5码更加安全 ,我们现在都采用加盐,盐要越长越乱,得到的MD5码就很难查到。
static NSString * salt =@"asdfghjklpoiuytrewqzxcvbnm";
NSLog(@"加盐小写:%@",[self lowerMD5:[@"123456" stringByAppendingString:salt]]);
NSLog(@"加盐大写:%@",[self upperMD5:[@"123456" stringByAppendingString:salt]]);
输出结果
2018-11-27 15:27:12.012590+0800 Encryption[12828:3995427]
小写:e10adc3949ba59abbe56e057f20f883e 2018-11-27 15:27:12.012774+0800
Encryption[12828:3995427] 大写:E10ADC3949BA59ABBE56E057F20F883E
2018-11-27 15:27:12.012901+0800 Encryption[12828:3995427]
加盐小写:71d1bda9346fab4eea309f4ed74b8f80 2018-11-27 15:27:12.013108+0800
Encryption[12828:3995427] 加盐大写:71D1BDA9346FAB4EEA309F4ED74B8F80
2、SHA1 算法是哈希算法的一种
代码实现 :
//sha1
- (NSString *)sha1:(NSString *)input
{
const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:input.length];
//使用对应的 CC_SHA1_DIGEST_LENGTH,CC_SHA224_DIGEST_LENGTH,CC_SHA256_DIGEST_LENGTH,CC_SHA384_DIGEST_LENGTH,CC_SHA512_DIGEST_LENGTH的长度分别是20,28,32,48,64。;看你们需求选择对应的长度
uint8_t digest[CC_SHA1_DIGEST_LENGTH];
CC_SHA1(data.bytes, (unsigned int)data.length, digest);
NSMutableString *output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
for(int i=0; i<CC_SHA1_DIGEST_LENGTH; i++) {
[output appendFormat:@"%02x", digest[i]];
}
NSLog(@"sha----->%@",output);
return output;
}
调用 代码实现 [self sha1:@"123456"];
运行结果 :
2018-11-27 15:27:12.013237+0800 Encryption[12828:3995427]
sha----7c4a8d09ca3762af61e59520943dc26494f8941b
3、RSA 非对称加密算法 (公钥私钥生成步骤点击)
非对称加密算法需要两个密钥:公开密钥(publickey)和私有密钥(privatekey)
公开密钥与私有密钥是一对,用公开密钥对数据进行加密,只有用对应的私有密钥才能解密;
特点:
非对称密码体制的特点:算法强度复杂、安全性依赖于算法与密钥但是由于其算法复杂,而使得加密解密速度没有对称加密解密的速度快
对称密码体制中只有一种密钥,并且是非公开的,如果要解密就得让对方知道密钥。所以保证其安全性就是保证密钥的安全,而非对称密钥体制有两种密钥,其中一个是公开的,这样就可以不需要像对称密码那样传输对方的密钥了
具体代码:
.h
// return base64 encoded string
+ (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey;
// return raw data
+ (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey;
// return base64 encoded string
+ (NSString *)encryptString:(NSString *)str privateKey:(NSString *)privKey;
// return raw data
+ (NSData *)encryptData:(NSData *)data privateKey:(NSString *)privKey;
// decrypt base64 encoded string, convert result to string(not base64 encoded)
+ (NSString *)decryptString:(NSString *)str publicKey:(NSString *)pubKey;
+ (NSData *)decryptData:(NSData *)data publicKey:(NSString *)pubKey;
+ (NSString *)decryptString:(NSString *)str privateKey:(NSString *)privKey;
+ (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey;
实现
static NSString *base64_encode_data(NSData *data){
data = [data base64EncodedDataWithOptions:0];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
static NSData *base64_decode(NSString *str){
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
return data;
}
+ (NSData *)stripPublicKeyHeader:(NSData *)d_key{
// Skip ASN.1 public key header
if (d_key == nil) return(nil);
unsigned long len = [d_key length];
if (!len) return(nil);
unsigned char *c_key = (unsigned char *)[d_key bytes];
unsigned int idx = 0;
if (c_key[idx++] != 0x30) return(nil);
if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1;
else idx++;
// PKCS #1 rsaEncryption szOID_RSA_RSA
static unsigned char seqiod[] =
{ 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
0x01, 0x05, 0x00 };
if (memcmp(&c_key[idx], seqiod, 15)) return(nil);
idx += 15;
if (c_key[idx++] != 0x03) return(nil);
if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1;
else idx++;
if (c_key[idx++] != '\0') return(nil);
// Now make a new NSData from this buffer
return([NSData dataWithBytes:&c_key[idx] length:len - idx]);
}
+ (NSData *)stripPrivateKeyHeader:(NSData *)d_key{
// Skip ASN.1 private key header
if (d_key == nil) return(nil);
unsigned long len = [d_key length];
if (!len) return(nil);
unsigned char *c_key = (unsigned char *)[d_key bytes];
unsigned int idx = 22; //magic byte at offset 22
if (0x04 != c_key[idx++]) return nil;
unsigned int c_len = c_key[idx++];
int det = c_len & 0x80;
if (!det) {
c_len = c_len & 0x7f;
} else {
int byteCount = c_len & 0x7f;
if (byteCount + idx > len) {
//rsa length field longer than buffer
return nil;
}
unsigned int accum = 0;
unsigned char *ptr = &c_key[idx];
idx += byteCount;
while (byteCount) {
accum = (accum << 8) + *ptr;
ptr++;
byteCount--;
}
c_len = accum;
}
// Now make a new NSData from this buffer
return [d_key subdataWithRange:NSMakeRange(idx, c_len)];
}
+ (SecKeyRef)addPublicKey:(NSString *)key{
NSRange spos = [key rangeOfString:@"-----BEGIN PUBLIC KEY-----"];
NSRange epos = [key rangeOfString:@"-----END PUBLIC KEY-----"];
if(spos.location != NSNotFound && epos.location != NSNotFound){
NSUInteger s = spos.location + spos.length;
NSUInteger e = epos.location;
NSRange range = NSMakeRange(s, e-s);
key = [key substringWithRange:range];
}
key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@" " withString:@""];
// This will be base64 encoded, decode it.
NSData *data = base64_decode(key);
data = [LHRSA stripPublicKeyHeader:data];
if(!data){
return nil;
}
//a tag to read/write keychain storage
NSString *tag = @"RSAUtil_PubKey";
NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]];
// Delete any old lingering key with the same tag
NSMutableDictionary *publicKey = [[NSMutableDictionary alloc] init];
[publicKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass];
[publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
[publicKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag];
SecItemDelete((__bridge CFDictionaryRef)publicKey);
// Add persistent version of the key to system keychain
[publicKey setObject:data forKey:(__bridge id)kSecValueData];
[publicKey setObject:(__bridge id) kSecAttrKeyClassPublic forKey:(__bridge id)
kSecAttrKeyClass];
[publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)
kSecReturnPersistentRef];
CFTypeRef persistKey = nil;
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)publicKey, &persistKey);
if (persistKey != nil){
CFRelease(persistKey);
}
if ((status != noErr) && (status != errSecDuplicateItem)) {
return nil;
}
[publicKey removeObjectForKey:(__bridge id)kSecValueData];
[publicKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef];
[publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];
[publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
// Now fetch the SecKeyRef version of the key
SecKeyRef keyRef = nil;
status = SecItemCopyMatching((__bridge CFDictionaryRef)publicKey, (CFTypeRef *)&keyRef);
if(status != noErr){
return nil;
}
return keyRef;
}
+ (SecKeyRef)addPrivateKey:(NSString *)key{
NSRange spos;
NSRange epos;
spos = [key rangeOfString:@"-----BEGIN RSA PRIVATE KEY-----"];
if(spos.length > 0){
epos = [key rangeOfString:@"-----END RSA PRIVATE KEY-----"];
}else{
spos = [key rangeOfString:@"-----BEGIN PRIVATE KEY-----"];
epos = [key rangeOfString:@"-----END PRIVATE KEY-----"];
}
if(spos.location != NSNotFound && epos.location != NSNotFound){
NSUInteger s = spos.location + spos.length;
NSUInteger e = epos.location;
NSRange range = NSMakeRange(s, e-s);
key = [key substringWithRange:range];
}
key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""];
key = [key stringByReplacingOccurrencesOfString:@" " withString:@""];
// This will be base64 encoded, decode it.
NSData *data = base64_decode(key);
data = [LHRSA stripPrivateKeyHeader:data];
if(!data){
return nil;
}
//a tag to read/write keychain storage
NSString *tag = @"RSAUtil_PrivKey";
NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]];
// Delete any old lingering key with the same tag
NSMutableDictionary *privateKey = [[NSMutableDictionary alloc] init];
[privateKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass];
[privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
[privateKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag];
SecItemDelete((__bridge CFDictionaryRef)privateKey);
// Add persistent version of the key to system keychain
[privateKey setObject:data forKey:(__bridge id)kSecValueData];
[privateKey setObject:(__bridge id) kSecAttrKeyClassPrivate forKey:(__bridge id)
kSecAttrKeyClass];
[privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)
kSecReturnPersistentRef];
CFTypeRef persistKey = nil;
OSStatus status = SecItemAdd((__bridge CFDictionaryRef)privateKey, &persistKey);
if (persistKey != nil){
CFRelease(persistKey);
}
if ((status != noErr) && (status != errSecDuplicateItem)) {
return nil;
}
[privateKey removeObjectForKey:(__bridge id)kSecValueData];
[privateKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef];
[privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef];
[privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType];
// Now fetch the SecKeyRef version of the key
SecKeyRef keyRef = nil;
status = SecItemCopyMatching((__bridge CFDictionaryRef)privateKey, (CFTypeRef *)&keyRef);
if(status != noErr){
return nil;
}
return keyRef;
}
/* START: Encryption & Decryption with RSA private key */
+ (NSData *)encryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef isSign:(BOOL)isSign {
const uint8_t *srcbuf = (const uint8_t *)[data bytes];
size_t srclen = (size_t)data.length;
size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
void *outbuf = malloc(block_size);
size_t src_block_size = block_size - 11;
NSMutableData *ret = [[NSMutableData alloc] init];
for(int idx=0; idx<srclen; idx+=src_block_size){
//NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
size_t data_len = srclen - idx;
if(data_len > src_block_size){
data_len = src_block_size;
}
size_t outlen = block_size;
OSStatus status = noErr;
if (isSign) {
status = SecKeyRawSign(keyRef,
kSecPaddingPKCS1,
srcbuf + idx,
data_len,
outbuf,
&outlen
);
} else {
status = SecKeyEncrypt(keyRef,
kSecPaddingPKCS1,
srcbuf + idx,
data_len,
outbuf,
&outlen
);
}
if (status != 0) {
NSLog(@"SecKeyEncrypt fail. Error Code: %d", status);
ret = nil;
break;
}else{
[ret appendBytes:outbuf length:outlen];
}
}
free(outbuf);
CFRelease(keyRef);
return ret;
}
+ (NSString *)encryptString:(NSString *)str privateKey:(NSString *)privKey{
NSData *data = [LHRSA encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] privateKey:privKey];
NSString *ret = base64_encode_data(data);
return ret;
}
+ (NSData *)encryptData:(NSData *)data privateKey:(NSString *)privKey{
if(!data || !privKey){
return nil;
}
SecKeyRef keyRef = [LHRSA addPrivateKey:privKey];
if(!keyRef){
return nil;
}
return [LHRSA encryptData:data withKeyRef:keyRef isSign:YES];
}
+ (NSData *)decryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{
const uint8_t *srcbuf = (const uint8_t *)[data bytes];
size_t srclen = (size_t)data.length;
size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t);
UInt8 *outbuf = malloc(block_size);
size_t src_block_size = block_size;
NSMutableData *ret = [[NSMutableData alloc] init];
for(int idx=0; idx<srclen; idx+=src_block_size){
//NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size);
size_t data_len = srclen - idx;
if(data_len > src_block_size){
data_len = src_block_size;
}
size_t outlen = block_size;
OSStatus status = noErr;
status = SecKeyDecrypt(keyRef,
kSecPaddingNone,
srcbuf + idx,
data_len,
outbuf,
&outlen
);
if (status != 0) {
NSLog(@"SecKeyEncrypt fail. Error Code: %d", status);
ret = nil;
break;
}else{
//the actual decrypted data is in the middle, locate it!
int idxFirstZero = -1;
int idxNextZero = (int)outlen;
for ( int i = 0; i < outlen; i++ ) {
if ( outbuf[i] == 0 ) {
if ( idxFirstZero < 0 ) {
idxFirstZero = i;
} else {
idxNextZero = i;
break;
}
}
}
[ret appendBytes:&outbuf[idxFirstZero+1] length:idxNextZero-idxFirstZero-1];
}
}
free(outbuf);
CFRelease(keyRef);
return ret;
}
+ (NSString *)decryptString:(NSString *)str privateKey:(NSString *)privKey{
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
data = [LHRSA decryptData:data privateKey:privKey];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
+ (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey{
if(!data || !privKey){
return nil;
}
SecKeyRef keyRef = [LHRSA addPrivateKey:privKey];
if(!keyRef){
return nil;
}
return [LHRSA decryptData:data withKeyRef:keyRef];
}
/* END: Encryption & Decryption with RSA private key */
/* START: Encryption & Decryption with RSA public key */
+ (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey{
NSData *data = [LHRSA encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] publicKey:pubKey];
NSString *ret = base64_encode_data(data);
return ret;
}
+ (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey{
if(!data || !pubKey){
return nil;
}
SecKeyRef keyRef = [LHRSA addPublicKey:pubKey];
if(!keyRef){
return nil;
}
return [LHRSA encryptData:data withKeyRef:keyRef isSign:NO];
}
+ (NSString *)decryptString:(NSString *)str publicKey:(NSString *)pubKey{
NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters];
data = [LHRSA decryptData:data publicKey:pubKey];
NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return ret;
}
+ (NSData *)decryptData:(NSData *)data publicKey:(NSString *)pubKey{
if(!data || !pubKey){
return nil;
}
SecKeyRef keyRef = [LHRSA addPublicKey:pubKey];
if(!keyRef){
return nil;
}
return [LHRSA decryptData:data withKeyRef:keyRef];
}
调用
//公钥
NSString *publicKey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVtz/hQUNiLE1prYofqLlmYtK0OupHN7wk+ZaeYVoQqk0v+1w/MIUm20BGKNjVAo9ZBH7IDWSQ25Mhh9+niizPULk+tWqvm5wWOwEy5R/dbjNmGDFCrFXC0gYAXI4uLhcVNGNWbu3mm3BVh9LmVU+d3qr1ZxILkJ+36x/VCe/vIQIDAQAB";
//私钥
NSString *privateKey = @"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJW3P+FBQ2IsTWmtih+ouWZi0rQ66kc3vCT5lp5hWhCqTS/7XD8whSbbQEYo2NUCj1kEfsgNZJDbkyGH36eKLM9QuT61aq+bnBY7ATLlH91uM2YYMUKsVcLSBgBcji4uFxU0Y1Zu7eabcFWH0uZVT53eqvVnEguQn7frH9UJ7+8hAgMBAAECgYBrkxpRTkWOmuqczlb63I8q5EMlwVdpCMEliDkTYDwI0XVYzrG/rate+hc60krK82Xwvmwibo0eEMetRiYMChqbWrwnNwTRP0dJGRxiaVAaS7rBW79swNhzzz985cszkJ5fo7fIym6hbZjRFBz1dwtVNsCg4Ts5OCCrEoRn163m6QJBAMPKfihawOV9IKIBJ+J/jTUojuwuw/3MPLrVth27I0F0ET7MdtFG4qpmzmZtr0ZuV7ewGqRiT1Q7MfrvoHTYJ0sCQQDDwYWG8NAlv8FO56WlEuouuq4q+Pp6XOuGR6IUa4En+E+nvkYUc6Rmqy5Q/wuyiHEfAAgwE72nJHRDdHwPSGPDAkEAvGQXSBUrDqZ7w+aAzjwVT1UbUL8e7xKaTNxeQ/VRUyWvglGS8oPWjkglygE4afi6hpD40buWwWHEEcSJDGUASQJAdzuyhyS6w6NurQ7vmAJTXa8bUtVgS5O5aYrMMD/i5WObsQJ2URK2+kod5fvTNiVhMY6lbhM4G0xa/JNA1VY0XQJAJJ8pT9ienNfAxZSgF+4Q8WIq+bnz78L/FKKYRD0BOie23rgGHtBn2XCxPS46Vh3CT9FFKEfXv4r2TiFGF3yqYg==";
//要加密的数据
NSString *sourceStr = @"123456";
//公钥加密
NSString *encryptStr = [LHRSA encryptString:sourceStr publicKey:publicKey];
//私钥解密
NSString *decrypeStr = [LHRSA decryptString:encryptStr privateKey:privateKey];
NSLog(@"\n加密后的数据:%@ \n 解密后的数据:%@",encryptStr,decrypeStr);
运行结果 :
2018-11-27 15:27:13.099152+0800 Encryption[12828:3995427]
加密后的数据:F+I/egBsrrGlneTT4vr6b6Q9slJ5zPJBhGx85kKEsfkbkvlh1DcVOW29vaCdPQ2klwIyjVOC+FM9PoJRPa6h9RJX5h/ESEz2dD7ZAl2kEkvVr69Eg+1KYzLhAlNagHiT1bMcXRIBfO99oyrJFqLQoWlLG3jURyXwjzQ7Lwc9rmU=
解密后的数据:123456
4、AES 对称密钥加密
加密代码实现:引入 #import
+ (NSData *)AES256EncryptWithKey:(NSString *)key encryptString:(NSString *)str{
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [str length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[[str dataUsingEncoding:NSUTF8StringEncoding] bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
+ (NSData *)AES256DecryptWithKey:(NSString *)key DecryptString:(NSData *)str{
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [str length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[str bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer); //free the buffer;
return nil;
}
调用代码
//用来密钥
NSString * key = @"123456";
//用来发送的原始数据
NSString * secret = @"654321";
//用密钥加密
NSData * result = [LHAES AES256EncryptWithKey:key encryptString:secret];
//输出测试
NSLog(@"AES加密 :%@",result);
//解密方法
NSData * data = [LHAES AES256DecryptWithKey:key DecryptString:result];
NSLog(@"AES解密 :%@", [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]);
运行结果
2018-11-27 15:27:13.100121+0800 Encryption[12828:3995427] AES加密
:<93d4cdab 759376b4 51565e57 85f684f6> 2018-11-27 15:27:13.100257+0800
Encryption[12828:3995427] AES解密 :654321
5、DES 加密 :先将内容加密一下,然后转十六进制,传过去 ;DES解密 :把收到的数据转二进制,decode一下,然后再解密,得到原本的数据
代码实现 :引入 #import <CommonCrypto/CommonCryptor.h>
//加密
+ (NSString *) encryptUseDES2:(NSString *)content key:(NSString *)key{
NSString *ciphertext = nil;
const char *textBytes = [content UTF8String];
size_t dataLength = [content length];
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t movedBytes = 0;
bufferPtrSize = (dataLength + kCCBlockSizeDES) & ~(kCCBlockSizeDES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithm3DES,
kCCOptionPKCS7Padding|kCCOptionECBMode,
[key UTF8String], kCCKeySize3DES,
NULL,
textBytes, dataLength,
(void *)bufferPtr, bufferPtrSize,
&movedBytes);
if (cryptStatus == kCCSuccess) {
ciphertext= [self parseByte2HexString:bufferPtr :(int)movedBytes];
}
ciphertext=[ciphertext uppercaseString];//字符变大写
return ciphertext ;
}
//加密用到的二进制转化十六进制方法:
+ (NSString *) parseByte2HexString:(Byte *) bytes :(int)len{
NSString *hexStr = @"";
if(bytes)
{
for(int i=0;i<len;i++)
{
NSString *newHexStr = [NSString stringWithFormat:@"%x",bytes[i]&0xff]; ///16进制数
if([newHexStr length] == 1)
hexStr = [NSString stringWithFormat:@"%@0%@",hexStr,newHexStr];
else
{
hexStr = [NSString stringWithFormat:@"%@%@",hexStr,newHexStr];
}
}
}
return hexStr;
}
//解密
+ (NSString *)decryptUseDES:(NSString *)content key:(NSString *)key
{
NSData* cipherData = [self convertHexStrToData:[content lowercaseString]];
unsigned char buffer[1024];
memset(buffer, 0, sizeof(char));
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithm3DES,
kCCOptionPKCS7Padding|kCCOptionECBMode,
[key UTF8String],
kCCKeySize3DES,
NULL,
[cipherData bytes],
[cipherData length],
buffer,
1024,
&numBytesDecrypted);
NSString* plainText = nil;
if (cryptStatus == kCCSuccess) {
NSData* data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesDecrypted];
plainText = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
}
return plainText;
}
//解密过程用到的十六进制转换二进制:
+ (NSData *)convertHexStrToData:(NSString *)str {
if (!str || [str length] == 0) {
return nil;
}
NSMutableData *hexData = [[NSMutableData alloc] initWithCapacity:8];
NSRange range;
if ([str length] % 2 == 0) {
range = NSMakeRange(0, 2);
} else {
range = NSMakeRange(0, 1);
}
for (NSInteger i = range.location; i < [str length]; i += 2) {
unsigned int anInt;
NSString *hexCharStr = [str substringWithRange:range];
NSScanner *scanner = [[NSScanner alloc] initWithString:hexCharStr];
[scanner scanHexInt:&anInt];
NSData *entity = [[NSData alloc] initWithBytes:&anInt length:1];
[hexData appendData:entity];
range.location += range.length;
range.length = 2;
}
return hexData;
}
调用代码
//用来密钥
NSString * keyDES = @"123456";
//用来发送的原始数据
NSString * secretDES = @"654321";
NSString * resultDES = [LHDES encryptUseDES2:secretDES key:keyDES];
NSLog(@"DES加密 :%@",resultDES);
NSString * decryptResult = [LHDES decryptUseDES:resultDES key:keyDES];
NSLog(@"DES解密 :%@",decryptResult);
运行结果
2018-11-27 15:27:13.100455+0800 Encryption[12828:3995427] DES加密
:CC1A2A7516D45169 2018-11-27 15:27:13.100643+0800
Encryption[12828:3995427] DES解密 :654321
