aes256加解密

最近用到了aes256加解密，故做下记录：

1.使用CCCrypt

key长度32位 iv向量16位

- (NSData *)encryptData:(void *)data length:(NSInteger)length key:(NSString *)key {
    char keyPtr[kCCKeySizeAES256 + 1];
    bzero(keyPtr, sizeof(keyPtr));
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    NSString *iv = [key substringToIndex:16];
    
    NSUInteger dataLength = length;
    size_t buffersize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(buffersize);
    size_t numBytesEncrypted = 0;
    //填充模式 以及是否选择ECB模式，默认是CBC模式
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, 32, [iv UTF8String], data, dataLength, buffer, buffersize, &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
//        NSLog(@"encrypt success");
        NSData *encryptData = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
        return encryptData;
    } else {
//        NSLog(@"encrypt fail");
        return nil;
    }
}

- (NSData *)decryptData:(void *)data length:(NSInteger)length key:(NSString *)key {
    char keyPtr[kCCKeySizeAES256 + 1];
    bzero(keyPtr, sizeof(keyPtr));
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    NSString *iv = [key substringToIndex:16];
    
    NSUInteger dataLength = length;
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    size_t numBytesDecrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, 32, [iv UTF8String], data, dataLength, buffer, bufferSize, &numBytesDecrypted);
    if (cryptStatus == kCCSuccess) {
//        NSLog(@"decrypt success");
        NSData *decryptData = [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
        return decryptData;
    } else {
//        NSLog(@"decrypt fail");
        return nil;
    }
}

2.使用FHAes

key长度32位 iv向量16位

void encrypt_aes256_cbc_pkcs7padding() {
    // 这里应该是需要加密的数据
    NSData *data = [NSData data];
    NSUInteger len = data.length;
    const char* psrc = (const char*)data.bytes;
    
    // 32位加密秘钥
    NSString *secretKey = @"12345678123456781234567812345678";
    const BYTE *key = (const BYTE *)[secretKey cStringUsingEncoding:NSUTF8StringEncoding];
    
    // 16位向量iv
    unsigned char iv[AES_BLOCK_SIZE] = { 0 };
    for (int i = 0; i < AES_BLOCK_SIZE; ++i) {
        iv[i] = key[i];
    }

    unsigned int key_schedule[AES_BLOCK_SIZE * 8] = { 0 };
    aes_key_setup(key, key_schedule, kAesKeySize);
    
    // 使用pkcs7padding 计算padding_len
    int r = len % AES_BLOCK_SIZE;
    int padding_len = AES_BLOCK_SIZE - r;
    int src_len = len + padding_len;

    auto src = (unsigned char*)malloc((src_len + 1) * sizeof(char));
    memset(src, 0, src_len);
    memcpy(src, psrc, len);
    if (padding_len > 0) {
        // 使用pkcs7padding 填充padding_len
        memset(src + len, (unsigned char)padding_len, padding_len);
    }
    
    //
    auto output = (unsigned char*)malloc((src_len + 1)* sizeof(char));
    memset(output, src_len, 0);

    aes_encrypt_cbc(src, src_len, output, key_schedule, kAesKeySize, iv);

    free(output);
    free(src);
}

void decrypt_aes256_cbc_pkcs7padding() {
    // 这里应该是加密过的数据，我在这随便写的
    NSData *data = [NSData data];
    NSUInteger len = data.length;
    const char* psrc = (const char*)data.bytes;
    
    // 32位加密秘钥
    NSString *secretKey = @"12345678123456781234567812345678";
    const BYTE *key = (const BYTE *)[secretKey cStringUsingEncoding:NSUTF8StringEncoding];
    
    // 16位向量iv
    unsigned char iv[AES_BLOCK_SIZE] = { 0 };
    for (int i = 0; i < AES_BLOCK_SIZE; ++i) {
        iv[i] = key[i];
    }

    unsigned int key_schedule[AES_BLOCK_SIZE * 8] = { 0 };
    aes_key_setup(key, key_schedule, kAesKeySize);
    
    auto src = (unsigned char*)malloc((len + 1) * sizeof(char));
    memset(src, 0, len);
    memcpy(src, psrc, len);
    
    auto output = (unsigned char*)malloc((len + 1)* sizeof(char));
    memset(output, len, 0);
    aes_decrypt_cbc((unsigned char*)src, len, (unsigned char*)output,
                    key_schedule, kAesKeySize, iv);
    
    unsigned int r = output[len - 1];
    int dst_len = len - r;
    
    free(output);
    free(src);
}

代码示例：
https://gitee.com/ayangcool100/aes.git