常见的几种加密方法和实
常见的几种加密方法 :
git demo下载
csdn demo下载
MD5
SHA1
RSA
AES
DES
1、MD5加密 是HASH算法一种、 是生成32位的数字字母混合码。 MD5主要特点是 不可逆
MD5算法还具有以下性质:
1、压缩性:任意长度的数据,算出的MD5值长度都是固定的。
2、容易计算:从原数据计算出MD5值很容易。
3、抗修改性:对原数据进行任何改动,哪怕只修改1个字节,所得到的MD5值都有很大区别。
4、弱抗碰撞:已知原数据和其MD5值,想找到一个具有相同MD5值的数据(即伪造数据)是非常困难的。
5、强抗碰撞:想找到两个不同的数据,使它们具有相同的MD5值,是非常困难的。
具体代码
//输出小写
- (NSString *)lowerMD5:(NSString *)inPutText
{
//传入参数,转化成char
const char *cStr = [inPutText UTF8String];
//开辟一个16字节的空间
unsigned char result[CC_MD5_DIGEST_LENGTH];
/*
extern unsigned char * CC_MD5(const void *data, CC_LONG len, unsigned char *md)官方封装好的加密方法
把str字符串转换成了32位的16进制数列(这个过程不可逆转) 存储到了md这个空间中
*/
CC_MD5(cStr, (CC_LONG)strlen(cStr), result);
return [[NSString stringWithFormat:@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3],
result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11],
result[12], result[13], result[14], result[15]
] lowercaseString]; //大小写注意
}
//输出大写
- (NSString *)upperMD5:(NSString *)inPutText
{
//传入参数,转化成char
const char *cStr = [inPutText UTF8String];
//开辟一个16字节的空间
unsigned char result[CC_MD5_DIGEST_LENGTH];
/*
extern unsigned char * CC_MD5(const void *data, CC_LONG len, unsigned char *md)官方封装好的加密方法
把str字符串转换成了32位的16进制数列(这个过程不可逆转) 存储到了md这个空间中
*/
CC_MD5(cStr, (CC_LONG)strlen(cStr), result);
return [[NSString stringWithFormat:@"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
result[0], result[1], result[2], result[3],
result[4], result[5], result[6], result[7],
result[8], result[9], result[10], result[11],
result[12], result[13], result[14], result[15]
] uppercaseString]; //大小写注意
}
调用 : 代码实现
NSLog(@"小写:%@",[self lowerMD5:@"123456"]);
NSLog(@"大写:%@",[self upperMD5:@"123456"]);
为了让MD5码更加安全 ,我们现在都采用加盐,盐要越长越乱,得到的MD5码就很难查到。
static NSString * salt =@"asdfghjklpoiuytrewqzxcvbnm";
NSLog(@"加盐小写:%@",[self lowerMD5:[@"123456" stringByAppendingString:salt]]);
NSLog(@"加盐大写:%@",[self upperMD5:[@"123456" stringByAppendingString:salt]]);
输出结果
2018-11-27 15:27:12.012590+0800 Encryption[12828:3995427]
小写:e10adc3949ba59abbe56e057f20f883e 2018-11-27 15:27:12.012774+0800
Encryption[12828:3995427] 大写:E10ADC3949BA59ABBE56E057F20F883E
2018-11-27 15:27:12.012901+0800 Encryption[12828:3995427]
加盐小写:71d1bda9346fab4eea309f4ed74b8f80 2018-11-27 15:27:12.013108+0800
Encryption[12828:3995427] 加盐大写:71D1BDA9346FAB4EEA309F4ED74B8F80
2、SHA1 算法是哈希算法的一种
代码实现 :
//sha1
- (NSString *)sha1:(NSString *)input
{
const char *cstr = [input cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:input.length];
//使用对应的 CC_SHA1_DIGEST_LENGTH,CC_SHA224_DIGEST_LENGTH,CC_SHA256_DIGEST_LENGTH,CC_SHA384_DIGEST_LENGTH,CC_SHA512_DIGEST_LENGTH的长度分别是20,28,32,48,64。;看你们需求选择对应的长度
uint8_t digest[CC_SHA1_DIGEST_LENGTH];
CC_SHA1(data.bytes, (unsigned int)data.length, digest);
NSMutableString *output = [NSMutableString stringWithCapacity:CC_SHA1_DIGEST_LENGTH * 2];
for(int i=0; i [output appendFormat:@"%02x", digest[i]]; } NSLog(@"sha----->%@",output); return output; } 调用 代码实现 [self sha1:@"123456"]; 运行结果 : 2018-11-27 15:27:12.013237+0800 Encryption[12828:3995427] sha----7c4a8d09ca3762af61e59520943dc26494f8941b 非对称加密算法需要两个密钥:公开密钥(publickey)和私有密钥(privatekey) 公开密钥与私有密钥是一对,用公开密钥对数据进行加密,只有用对应的私有密钥才能解密; 特点: 非对称密码体制的特点:算法强度复杂、安全性依赖于算法与密钥但是由于其算法复杂,而使得加密解密速度没有对称加密解密的速度快 对称密码体制中只有一种密钥,并且是非公开的,如果要解密就得让对方知道密钥。所以保证其安全性就是保证密钥的安全,而非对称密钥体制有两种密钥,其中一个是公开的,这样就可以不需要像对称密码那样传输对方的密钥了 具体代码: .h // return base64 encoded string + (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey; // return raw data + (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey; // return base64 encoded string + (NSString *)encryptString:(NSString *)str privateKey:(NSString *)privKey; // return raw data + (NSData *)encryptData:(NSData *)data privateKey:(NSString *)privKey; // decrypt base64 encoded string, convert result to string(not base64 encoded) + (NSString *)decryptString:(NSString *)str publicKey:(NSString *)pubKey; + (NSData *)decryptData:(NSData *)data publicKey:(NSString *)pubKey; + (NSString *)decryptString:(NSString *)str privateKey:(NSString *)privKey; + (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey; 实现 static NSString *base64_encode_data(NSData *data){ data = [data base64EncodedDataWithOptions:0]; NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return ret; } static NSData *base64_decode(NSString *str){ NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters]; return data; } + (NSData *)stripPublicKeyHeader:(NSData *)d_key{ // Skip ASN.1 public key header if (d_key == nil) return(nil); unsigned long len = [d_key length]; if (!len) return(nil); unsigned char *c_key = (unsigned char *)[d_key bytes]; unsigned int idx = 0; if (c_key[idx++] != 0x30) return(nil); if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1; else idx++; // PKCS #1 rsaEncryption szOID_RSA_RSA static unsigned char seqiod[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 }; if (memcmp(&c_key[idx], seqiod, 15)) return(nil); idx += 15; if (c_key[idx++] != 0x03) return(nil); if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1; else idx++; if (c_key[idx++] != '\0') return(nil); // Now make a new NSData from this buffer return([NSData dataWithBytes:&c_key[idx] length:len - idx]); } + (NSData *)stripPrivateKeyHeader:(NSData *)d_key{ // Skip ASN.1 private key header if (d_key == nil) return(nil); unsigned long len = [d_key length]; if (!len) return(nil); unsigned char *c_key = (unsigned char *)[d_key bytes]; unsigned int idx = 22; //magic byte at offset 22 if (0x04 != c_key[idx++]) return nil; unsigned int c_len = c_key[idx++]; int det = c_len & 0x80; if (!det) { c_len = c_len & 0x7f; } else { int byteCount = c_len & 0x7f; if (byteCount + idx > len) { //rsa length field longer than buffer return nil; } unsigned int accum = 0; unsigned char *ptr = &c_key[idx]; idx += byteCount; while (byteCount) { accum = (accum << 8) + *ptr; ptr++; byteCount--; } c_len = accum; } // Now make a new NSData from this buffer return [d_key subdataWithRange:NSMakeRange(idx, c_len)]; } + (SecKeyRef)addPublicKey:(NSString *)key{ NSRange spos = [key rangeOfString:@"-----BEGIN PUBLIC KEY-----"]; NSRange epos = [key rangeOfString:@"-----END PUBLIC KEY-----"]; if(spos.location != NSNotFound && epos.location != NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s); key = [key substringWithRange:range]; } key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@" " withString:@""]; // This will be base64 encoded, decode it. NSData *data = base64_decode(key); data = [LHRSA stripPublicKeyHeader:data]; if(!data){ return nil; } //a tag to read/write keychain storage NSString *tag = @"RSAUtil_PubKey"; NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]]; // Delete any old lingering key with the same tag NSMutableDictionary *publicKey = [[NSMutableDictionary alloc] init]; [publicKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass]; [publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [publicKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag]; SecItemDelete((__bridge CFDictionaryRef)publicKey); // Add persistent version of the key to system keychain [publicKey setObject:data forKey:(__bridge id)kSecValueData]; [publicKey setObject:(__bridge id) kSecAttrKeyClassPublic forKey:(__bridge id) kSecAttrKeyClass]; [publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id) kSecReturnPersistentRef]; CFTypeRef persistKey = nil; OSStatus status = SecItemAdd((__bridge CFDictionaryRef)publicKey, &persistKey); if (persistKey != nil){ CFRelease(persistKey); } if ((status != noErr) && (status != errSecDuplicateItem)) { return nil; } [publicKey removeObjectForKey:(__bridge id)kSecValueData]; [publicKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef]; [publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; [publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Now fetch the SecKeyRef version of the key SecKeyRef keyRef = nil; status = SecItemCopyMatching((__bridge CFDictionaryRef)publicKey, (CFTypeRef *)&keyRef); if(status != noErr){ return nil; } return keyRef; } + (SecKeyRef)addPrivateKey:(NSString *)key{ NSRange spos; NSRange epos; spos = [key rangeOfString:@"-----BEGIN RSA PRIVATE KEY-----"]; if(spos.length > 0){ epos = [key rangeOfString:@"-----END RSA PRIVATE KEY-----"]; }else{ spos = [key rangeOfString:@"-----BEGIN PRIVATE KEY-----"]; epos = [key rangeOfString:@"-----END PRIVATE KEY-----"]; } if(spos.location != NSNotFound && epos.location != NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s); key = [key substringWithRange:range]; } key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@" " withString:@""]; // This will be base64 encoded, decode it. NSData *data = base64_decode(key); data = [LHRSA stripPrivateKeyHeader:data]; if(!data){ return nil; } //a tag to read/write keychain storage NSString *tag = @"RSAUtil_PrivKey"; NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]]; // Delete any old lingering key with the same tag NSMutableDictionary *privateKey = [[NSMutableDictionary alloc] init]; [privateKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass]; [privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [privateKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag]; SecItemDelete((__bridge CFDictionaryRef)privateKey); // Add persistent version of the key to system keychain [privateKey setObject:data forKey:(__bridge id)kSecValueData]; [privateKey setObject:(__bridge id) kSecAttrKeyClassPrivate forKey:(__bridge id) kSecAttrKeyClass]; [privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id) kSecReturnPersistentRef]; CFTypeRef persistKey = nil; OSStatus status = SecItemAdd((__bridge CFDictionaryRef)privateKey, &persistKey); if (persistKey != nil){ CFRelease(persistKey); } if ((status != noErr) && (status != errSecDuplicateItem)) { return nil; } [privateKey removeObjectForKey:(__bridge id)kSecValueData]; [privateKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef]; [privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; [privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Now fetch the SecKeyRef version of the key SecKeyRef keyRef = nil; status = SecItemCopyMatching((__bridge CFDictionaryRef)privateKey, (CFTypeRef *)&keyRef); if(status != noErr){ return nil; } return keyRef; } /* START: Encryption & Decryption with RSA private key */ + (NSData *)encryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef isSign:(BOOL)isSign { const uint8_t *srcbuf = (const uint8_t *)[data bytes]; size_t srclen = (size_t)data.length; size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t); void *outbuf = malloc(block_size); size_t src_block_size = block_size - 11; NSMutableData *ret = [[NSMutableData alloc] init]; for(int idx=0; idx //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size); size_t data_len = srclen - idx; if(data_len > src_block_size){ data_len = src_block_size; } size_t outlen = block_size; OSStatus status = noErr; if (isSign) { status = SecKeyRawSign(keyRef, kSecPaddingPKCS1, srcbuf + idx, data_len, outbuf, &outlen ); } else { status = SecKeyEncrypt(keyRef, kSecPaddingPKCS1, srcbuf + idx, data_len, outbuf, &outlen ); } if (status != 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status); ret = nil; break; }else{ [ret appendBytes:outbuf length:outlen]; } } free(outbuf); CFRelease(keyRef); return ret; } + (NSString *)encryptString:(NSString *)str privateKey:(NSString *)privKey{ NSData *data = [LHRSA encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] privateKey:privKey]; NSString *ret = base64_encode_data(data); return ret; } + (NSData *)encryptData:(NSData *)data privateKey:(NSString *)privKey{ if(!data || !privKey){ return nil; } SecKeyRef keyRef = [LHRSA addPrivateKey:privKey]; if(!keyRef){ return nil; } return [LHRSA encryptData:data withKeyRef:keyRef isSign:YES]; } + (NSData *)decryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{ const uint8_t *srcbuf = (const uint8_t *)[data bytes]; size_t srclen = (size_t)data.length; size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t); UInt8 *outbuf = malloc(block_size); size_t src_block_size = block_size; NSMutableData *ret = [[NSMutableData alloc] init]; for(int idx=0; idx //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size); size_t data_len = srclen - idx; if(data_len > src_block_size){ data_len = src_block_size; } size_t outlen = block_size; OSStatus status = noErr; status = SecKeyDecrypt(keyRef, kSecPaddingNone, srcbuf + idx, data_len, outbuf, &outlen ); if (status != 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status); ret = nil; break; }else{ //the actual decrypted data is in the middle, locate it! int idxFirstZero = -1; int idxNextZero = (int)outlen; for ( int i = 0; i < outlen; i++ ) { if ( outbuf[i] == 0 ) { if ( idxFirstZero < 0 ) { idxFirstZero = i; } else { idxNextZero = i; break; } } } [ret appendBytes:&outbuf[idxFirstZero+1] length:idxNextZero-idxFirstZero-1]; } } free(outbuf); CFRelease(keyRef); return ret; } + (NSString *)decryptString:(NSString *)str privateKey:(NSString *)privKey{ NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters]; data = [LHRSA decryptData:data privateKey:privKey]; NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return ret; } + (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey{ if(!data || !privKey){ return nil; } SecKeyRef keyRef = [LHRSA addPrivateKey:privKey]; if(!keyRef){ return nil; } return [LHRSA decryptData:data withKeyRef:keyRef]; } /* END: Encryption & Decryption with RSA private key */ /* START: Encryption & Decryption with RSA public key */ + (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey{ NSData *data = [LHRSA encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] publicKey:pubKey]; NSString *ret = base64_encode_data(data); return ret; } + (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey{ if(!data || !pubKey){ return nil; } SecKeyRef keyRef = [LHRSA addPublicKey:pubKey]; if(!keyRef){ return nil; } return [LHRSA encryptData:data withKeyRef:keyRef isSign:NO]; } + (NSString *)decryptString:(NSString *)str publicKey:(NSString *)pubKey{ NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters]; data = [LHRSA decryptData:data publicKey:pubKey]; NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return ret; } + (NSData *)decryptData:(NSData *)data publicKey:(NSString *)pubKey{ if(!data || !pubKey){ return nil; } SecKeyRef keyRef = [LHRSA addPublicKey:pubKey]; if(!keyRef){ return nil; } return [LHRSA decryptData:data withKeyRef:keyRef]; } 调用 //公钥 NSString *publicKey = @"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVtz/hQUNiLE1prYofqLlmYtK0OupHN7wk+ZaeYVoQqk0v+1w/MIUm20BGKNjVAo9ZBH7IDWSQ25Mhh9+niizPULk+tWqvm5wWOwEy5R/dbjNmGDFCrFXC0gYAXI4uLhcVNGNWbu3mm3BVh9LmVU+d3qr1ZxILkJ+36x/VCe/vIQIDAQAB"; //私钥 NSString *privateKey = @"MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJW3P+FBQ2IsTWmtih+ouWZi0rQ66kc3vCT5lp5hWhCqTS/7XD8whSbbQEYo2NUCj1kEfsgNZJDbkyGH36eKLM9QuT61aq+bnBY7ATLlH91uM2YYMUKsVcLSBgBcji4uFxU0Y1Zu7eabcFWH0uZVT53eqvVnEguQn7frH9UJ7+8hAgMBAAECgYBrkxpRTkWOmuqczlb63I8q5EMlwVdpCMEliDkTYDwI0XVYzrG/rate+hc60krK82Xwvmwibo0eEMetRiYMChqbWrwnNwTRP0dJGRxiaVAaS7rBW79swNhzzz985cszkJ5fo7fIym6hbZjRFBz1dwtVNsCg4Ts5OCCrEoRn163m6QJBAMPKfihawOV9IKIBJ+J/jTUojuwuw/3MPLrVth27I0F0ET7MdtFG4qpmzmZtr0ZuV7ewGqRiT1Q7MfrvoHTYJ0sCQQDDwYWG8NAlv8FO56WlEuouuq4q+Pp6XOuGR6IUa4En+E+nvkYUc6Rmqy5Q/wuyiHEfAAgwE72nJHRDdHwPSGPDAkEAvGQXSBUrDqZ7w+aAzjwVT1UbUL8e7xKaTNxeQ/VRUyWvglGS8oPWjkglygE4afi6hpD40buWwWHEEcSJDGUASQJAdzuyhyS6w6NurQ7vmAJTXa8bUtVgS5O5aYrMMD/i5WObsQJ2URK2+kod5fvTNiVhMY6lbhM4G0xa/JNA1VY0XQJAJJ8pT9ienNfAxZSgF+4Q8WIq+bnz78L/FKKYRD0BOie23rgGHtBn2XCxPS46Vh3CT9FFKEfXv4r2TiFGF3yqYg=="; //要加密的数据 NSString *sourceStr = @"123456"; //公钥加密 NSString *encryptStr = [LHRSA encryptString:sourceStr publicKey:publicKey]; //私钥解密 NSString *decrypeStr = [LHRSA decryptString:encryptStr privateKey:privateKey]; NSLog(@"\n加密后的数据:%@ \n 解密后的数据:%@",encryptStr,decrypeStr); 运行结果 : 2018-11-27 15:27:13.099152+0800 Encryption[12828:3995427] 加密后的数据:F+I/egBsrrGlneTT4vr6b6Q9slJ5zPJBhGx85kKEsfkbkvlh1DcVOW29vaCdPQ2klwIyjVOC+FM9PoJRPa6h9RJX5h/ESEz2dD7ZAl2kEkvVr69Eg+1KYzLhAlNagHiT1bMcXRIBfO99oyrJFqLQoWlLG3jURyXwjzQ7Lwc9rmU= 解密后的数据:123456 加密代码实现:引入 #import + (NSData *)AES256EncryptWithKey:(NSString *)key encryptString:(NSString *)str{ char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [str length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [[str dataUsingEncoding:NSUTF8StringEncoding] bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesEncrypted); if (cryptStatus == kCCSuccess) { //the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; } free(buffer); //free the buffer; return nil; } + (NSData *)AES256DecryptWithKey:(NSString *)key DecryptString:(NSData *)str{ // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [str length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [str bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesDecrypted); if (cryptStatus == kCCSuccess) { //the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; } free(buffer); //free the buffer; return nil; } 调用代码 //用来密钥 NSString * key = @"123456"; //用来发送的原始数据 NSString * secret = @"654321"; //用密钥加密 NSData * result = [LHAES AES256EncryptWithKey:key encryptString:secret]; //输出测试 NSLog(@"AES加密 :%@",result); //解密方法 NSData * data = [LHAES AES256DecryptWithKey:key DecryptString:result]; NSLog(@"AES解密 :%@", [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]); 运行结果 2018-11-27 15:27:13.100121+0800 Encryption[12828:3995427] AES加密 :<93d4cdab 759376b4 51565e57 85f684f6> 2018-11-27 15:27:13.100257+0800 Encryption[12828:3995427] AES解密 :654321 5、DES 加密 :先将内容加密一下,然后转十六进制,传过去 ;DES解密 :把收到的数据转二进制,decode一下,然后再解密,得到原本的数据 代码实现 :引入 #import //加密 + (NSString *) encryptUseDES2:(NSString *)content key:(NSString *)key{ NSString *ciphertext = nil; const char *textBytes = [content UTF8String]; size_t dataLength = [content length]; uint8_t *bufferPtr = NULL; size_t bufferPtrSize = 0; size_t movedBytes = 0; bufferPtrSize = (dataLength + kCCBlockSizeDES) & ~(kCCBlockSizeDES - 1); bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t)); memset((void *)bufferPtr, 0x0, bufferPtrSize); CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithm3DES, kCCOptionPKCS7Padding|kCCOptionECBMode, [key UTF8String], kCCKeySize3DES, NULL, textBytes, dataLength, (void *)bufferPtr, bufferPtrSize, &movedBytes); if (cryptStatus == kCCSuccess) { ciphertext= [self parseByte2HexString:bufferPtr :(int)movedBytes]; } ciphertext=[ciphertext uppercaseString];//字符变大写 return ciphertext ; } //加密用到的二进制转化十六进制方法: + (NSString *) parseByte2HexString:(Byte *) bytes :(int)len{ NSString *hexStr = @""; if(bytes) { for(int i=0;i { NSString *newHexStr = [NSString stringWithFormat:@"%x",bytes[i]&0xff]; ///16进制数 if([newHexStr length] == 1) hexStr = [NSString stringWithFormat:@"%@0%@",hexStr,newHexStr]; else { hexStr = [NSString stringWithFormat:@"%@%@",hexStr,newHexStr]; } } } return hexStr; } //解密 + (NSString *)decryptUseDES:(NSString *)content key:(NSString *)key { NSData* cipherData = [self convertHexStrToData:[content lowercaseString]]; unsigned char buffer[1024]; memset(buffer, 0, sizeof(char)); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithm3DES, kCCOptionPKCS7Padding|kCCOptionECBMode, [key UTF8String], kCCKeySize3DES, NULL, [cipherData bytes], [cipherData length], buffer, 1024, &numBytesDecrypted); NSString* plainText = nil; if (cryptStatus == kCCSuccess) { NSData* data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesDecrypted]; plainText = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; } return plainText; } //解密过程用到的十六进制转换二进制: + (NSData *)convertHexStrToData:(NSString *)str { if (!str || [str length] == 0) { return nil; } NSMutableData *hexData = [[NSMutableData alloc] initWithCapacity:8]; NSRange range; if ([str length] % 2 == 0) { range = NSMakeRange(0, 2); } else { range = NSMakeRange(0, 1); } for (NSInteger i = range.location; i < [str length]; i += 2) { unsigned int anInt; NSString *hexCharStr = [str substringWithRange:range]; NSScanner *scanner = [[NSScanner alloc] initWithString:hexCharStr]; [scanner scanHexInt:&anInt]; NSData *entity = [[NSData alloc] initWithBytes:&anInt length:1]; [hexData appendData:entity]; range.location += range.length; range.length = 2; } return hexData; } 调用代码 //用来密钥 NSString * keyDES = @"123456"; //用来发送的原始数据 NSString * secretDES = @"654321"; NSString * resultDES = [LHDES encryptUseDES2:secretDES key:keyDES]; NSLog(@"DES加密 :%@",resultDES); NSString * decryptResult = [LHDES decryptUseDES:resultDES key:keyDES]; NSLog(@"DES解密 :%@",decryptResult); 运行结果 2018-11-27 15:27:13.100455+0800 Encryption[12828:3995427] DES加密 :CC1A2A7516D45169 2018-11-27 15:27:13.100643+0800 Encryption[12828:3995427] DES解密 :6543213、RSA 非对称加密算法 (公钥私钥生成步骤点击)
4、AES 对称密钥加密