1.刚知道要做DES加密以为很简单,网上代码很多,各种DES加密,大致都一样。然而我们的后台的安卓是用的一套DES加密算法,没啥问题。可是到了我这边,总是不一致。
2.经过多次测试发现,是我这边的DES加密模式和后台对不上。DES加密有两种模式,ECB和CBC。还有就是填充模式,ios的填充模式只有两种 kCCOptionPKCS7Padding 和kCCOptionPKCS7Padding | kCCOptionECBMode。而后台填充模式就多了。这就需要一一对应才能实现加密和解密。
3.具体的对应模式是java的DES/ECB/PKCS5Padding对应ios的kCCOptionPKCS7Padding | kCCOptionECBMode,DES/CBC/PKCS5Padding对应ios的kCCOptionPKCS7Padding 。
4.具体的怎么加密呢,如下。
+(NSData*) encryptUseDES:(NSString*)plainText key:(NSString*)key
{ NSData*data;
NSString*ciphertext =nil;
NSData *textData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
NSUIntegerdataLength = [textDatalength];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesEncrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding ,
[keyUTF8String],kCCKeySizeDES,
iv,
[textDatabytes], dataLength,
buffer,1024,
&numBytesEncrypted);
if(cryptStatus ==kCCSuccess) {
data = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesEncrypted];
}
returndata;
}
constByteiv[] = {1,2,3,4,5,6,7,8}; constByteiv[] = {0,1,2,3,4,5,6,7};
两个iv任选其一,必须要和你的后台对应。(CBC模式)
+(NSData*) encryptUseDES:(NSString*)plainText key:(NSString*)key
{ NSData*data;
NSString*ciphertext =nil;
NSData *textData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
NSUIntegerdataLength = [textDatalength];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesEncrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding | kCCOptionECBMode,
[keyUTF8String],kCCKeySizeDES,
NULL,
[textDatabytes], dataLength,
buffer,1024,
&numBytesEncrypted);
if(cryptStatus ==kCCSuccess) {
data = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesEncrypted];
}
returndata;
}
不需要初始化iv的加密。(ECB模式)
5.具体的解密如下:
+(NSString*)decryptUseDES:(NSData*)cipherdata key:(NSString*)key
{
NSData*plaindata =nil;
NSString*plaintext =nil;
// NSData *cipherdata = [GTMBase64 decodeString:cipherText];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesDecrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding ,
[keyUTF8String],kCCKeySizeDES,
iv,
[cipherdatabytes], [cipherdatalength],
buffer,1024,
&numBytesDecrypted);
if(cryptStatus ==kCCSuccess)
{
NSData*plaindata = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesDecrypted];
plaintext = [[NSString alloc]initWithData:plaindata encoding:NSUTF8StringEncoding];
}
returnplaintext;
}
需要iv的解密。
+(NSString*)decryptUseDES:(NSData*)cipherdata key:(NSString*)key
{
NSData*plaindata =nil;
NSString*plaintext =nil;
// NSData *cipherdata = [GTMBase64 decodeString:cipherText];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesDecrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding | kCCOptionECBMode,
[keyUTF8String],kCCKeySizeDES,
NULL,
[cipherdatabytes], [cipherdatalength],
buffer,1024,
&numBytesDecrypted);
if(cryptStatus ==kCCSuccess)
{
NSData*plaindata = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesDecrypted];
plaintext = [[NSString alloc]initWithData:plaindata encoding:NSUTF8StringEncoding];
}
returnplaintext;
}
不需要iv的解密。
6.加密好的是Nsdata类型的,你们也可以转编码(BASE32和BASE64)都可以,根据你们的后端要求。