iOS开发中几种常见的加解密方式
来源:互联网 发布:天成账号管家网络异常 编辑:程序博客网 时间:2024/06/05 00:35
iOS开发中几种常见的加解密方式
这篇文章主要介绍如下几种加密方式:
- base64
- md5
- AES
- RSA
在示例代码里面,没有专门写工具类,而是直接对NSString
写的分类,所有方法的调用直接采用[NSString xxxMethod];
的形式。
好了,不废话,直接上代码。
base64加解密
1、加密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** base64加密 @param str 目标字符串 @return 加密后的字符串 */+ (NSString *) base64EncodeFromString:(NSString *) str;
NSString+EncryptVerbHandle.m
文件如下:
+ (NSString *)base64EncodeFromString:(NSString *)str{ //1、先将string转化为data二进制数据 NSData *data = [str dataUsingEncoding:NSUTF8StringEncoding]; //2、对二进制数据进行base64编码,返回编码后的字符串 return [data base64EncodedStringWithOptions:0];}
2、解密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** base64解密 @param str 目标字符串 @return 解密后的字符串 */+ (NSString *) base64DecodeFromString:(NSString *) str;
NSString+EncryptVerbHandle.m
文件如下:
+ (NSString *)base64DecodeFromString:(NSString *)str{ //1、先将base64编码后的字符串『解码』为二进制数据 NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:0]; //2、把二进制数据转换为字符串返回 return [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];}
MD5加密
由于md5无法解密(某些网站上的解密方法只是通过大型数据库的匹配比较来实现的),故本文只介绍加密过程。
NSString+EncryptVerbHandle.h
文件如下:
/** MD5加密算法 MD5加密是单向的,只能加密不能解密. 【MD5加密特点】: 1、压缩性:任意长度的数据,算出的MD5值长度都是固定的。 2、容易计算:从原数据计算出MD5值很容易。 3、抗修改性:对原数据进行任何改动,哪怕只修改1个字节,所得到的MD5值都有很大区别。 4、强抗碰撞:已知原数据和其MD5值,想找到一个具有相同MD5值的数据(即伪造数据)是非常困难的。 @param str 目标字符串 @return md5加密后的字符串 */+ (NSString *) md5String:(NSString *) str;
NSString+EncryptVerbHandle.m
文件如下:
+ (NSString *)md5String:(NSString *)str{ const char *cStr = [str UTF8String]; unsigned char digest[CC_MD5_DIGEST_LENGTH]; CC_MD5( cStr, (CC_LONG)strlen(cStr), digest); NSMutableString *output = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH * 2]; for(int i = 0; i < CC_MD5_DIGEST_LENGTH; i++) [output appendFormat:@"%02x", digest[i]]; return output;}
AES加解密
1、加密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** AES加密算法 @param str 要加密的字符串 @return 加密后的字符串 */+ (NSString *) aes256_encrypt:(NSString *) str;
NSString+EncryptVerbHandle.m
文件如下:
+ (NSString *)aes256_encrypt:(NSString *)str{ char keyPtr[kCCKeySizeAES256 + 1]; bzero(keyPtr, sizeof(keyPtr)); /*AES加密与解密的秘钥,需要与后台协商共同定义,保持与后台的秘钥相同*/ [AES_KEY getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSData *sourceData = [str dataUsingEncoding:NSUTF8StringEncoding]; NSUInteger dataLength = [sourceData length]; size_t buffersize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(buffersize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [sourceData bytes], dataLength, buffer, buffersize, &numBytesEncrypted); if (cryptStatus == kCCSuccess) { NSData *encryptData = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; //对加密后的二进制数据进行base64转码 return [encryptData base64EncodedStringWithOptions:NSDataBase64EncodingEndLineWithLineFeed]; }else{ free(buffer); return nil; }}
2、解密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** AES解密算法 @param str 要解密的字符串 @return 解密后的字符串 */+ (NSString *) aes256_decrypt:(NSString *) str;
NSString+EncryptVerbHandle.m
文件如下:
+ (NSString *)aes256_decrypt:(NSString *)str{ //先对加密的字符串进行base64解码 NSData *decodeData = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters]; char keyPtr[kCCKeySizeAES256 + 1]; bzero(keyPtr, sizeof(keyPtr)); /*AES加密与解密的秘钥,需要与后台协商共同定义,保持与后台的秘钥相同*/ [AES_KEY getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [decodeData length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [decodeData bytes], dataLength, buffer, bufferSize, &numBytesDecrypted); if (cryptStatus == kCCSuccess) { NSData *data = [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; NSString *result = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return result; }else{ free(buffer); return nil; }}
RSA加解密
【注意】采用公钥字符串加密和私钥字符串解密需要在工程中做如下设置: TARGETS
->Capabilities
->Keychain Sharing
-> 打开开关ON
公钥字符串和私钥字符串可以在线生成
1、加密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** * RSA加密方法 * * @param str 需要加密的字符串 * @param pubKey 公钥字符串 */+ (NSString *)rsaEncryptString:(NSString *)str publicKey:(NSString *)pubKey;
NSString+EncryptVerbHandle.m
文件如下:
static NSString *base64_encode_data(NSData *data){ data = [data base64EncodedDataWithOptions:0]; NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return ret;}#pragma mark - RSA公钥字符串加密,秘钥可以在http://web.chacuo.net/netrsakeypair里生成+ (NSString *)rsaEncryptString:(NSString *)str publicKey:(NSString *)pubKey{ NSData *data = [self encryptData:[str dataUsingEncoding:NSUTF8StringEncoding] publicKey:pubKey]; NSString *ret = base64_encode_data(data); return ret;}+ (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey{ if(!data || !pubKey){ return nil; } SecKeyRef keyRef = [self addPublicKey:pubKey]; if(!keyRef){ return nil; } return [self encryptData:data withKeyRef:keyRef];}+ (SecKeyRef)addPublicKey:(NSString *)key{ NSRange spos = [key rangeOfString:@"-----BEGIN PUBLIC KEY-----"]; NSRange epos = [key rangeOfString:@"-----END PUBLIC KEY-----"]; if(spos.location != NSNotFound && epos.location != NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s); key = [key substringWithRange:range]; } key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@" " withString:@""]; // This will be base64 encoded, decode it. NSData *data = base64_decode(key); data = [self stripPublicKeyHeader:data]; if(!data){ return nil; } //a tag to read/write keychain storage NSString *tag = @"RSAUtil_PubKey"; NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]]; // Delete any old lingering key with the same tag NSMutableDictionary *publicKey = [[NSMutableDictionary alloc] init]; [publicKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass]; [publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [publicKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag]; SecItemDelete((__bridge CFDictionaryRef)publicKey); // Add persistent version of the key to system keychain [publicKey setObject:data forKey:(__bridge id)kSecValueData]; [publicKey setObject:(__bridge id) kSecAttrKeyClassPublic forKey:(__bridge id) kSecAttrKeyClass]; [publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id) kSecReturnPersistentRef]; CFTypeRef persistKey = nil; OSStatus status = SecItemAdd((__bridge CFDictionaryRef)publicKey, &persistKey); if (persistKey != nil){ CFRelease(persistKey); } if ((status != noErr) && (status != errSecDuplicateItem)) { return nil; } [publicKey removeObjectForKey:(__bridge id)kSecValueData]; [publicKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef]; [publicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; [publicKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Now fetch the SecKeyRef version of the key SecKeyRef keyRef = nil; status = SecItemCopyMatching((__bridge CFDictionaryRef)publicKey, (CFTypeRef *)&keyRef); if(status != noErr){ return nil; } return keyRef;}+ (NSData *)stripPublicKeyHeader:(NSData *)d_key{ // Skip ASN.1 public key header if (d_key == nil) return(nil); unsigned long len = [d_key length]; if (!len) return(nil); unsigned char *c_key = (unsigned char *)[d_key bytes]; unsigned int idx = 0; if (c_key[idx++] != 0x30) return(nil); if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1; else idx++; // PKCS #1 rsaEncryption szOID_RSA_RSA static unsigned char seqiod[] = { 0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00 }; if (memcmp(&c_key[idx], seqiod, 15)) return(nil); idx += 15; if (c_key[idx++] != 0x03) return(nil); if (c_key[idx] > 0x80) idx += c_key[idx] - 0x80 + 1; else idx++; if (c_key[idx++] != '\0') return(nil); // Now make a new NSData from this buffer return ([NSData dataWithBytes:&c_key[idx] length:len - idx]);}+ (NSData *)encryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{ const uint8_t *srcbuf = (const uint8_t *)[data bytes]; size_t srclen = (size_t)data.length; size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t); void *outbuf = malloc(block_size); size_t src_block_size = block_size - 11; NSMutableData *ret = [[NSMutableData alloc] init]; for(int idx=0; idx<srclen; idx+=src_block_size){ //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size); size_t data_len = srclen - idx; if(data_len > src_block_size){ data_len = src_block_size; } size_t outlen = block_size; OSStatus status = noErr; status = SecKeyEncrypt(keyRef, kSecPaddingPKCS1, srcbuf + idx, data_len, outbuf, &outlen ); if (status != 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status); ret = nil; break; }else{ [ret appendBytes:outbuf length:outlen]; } } free(outbuf); CFRelease(keyRef); return ret;}
2、解密过程:
NSString+EncryptVerbHandle.h
文件如下:
/** * RSA解密方法 * * @param str 需要解密的字符串 * @param privKey 私钥字符串 */+ (NSString *)rsaDecryptString:(NSString *)str privateKey:(NSString *)privKey;
NSString+EncryptVerbHandle.m
文件如下:
static NSData *base64_decode(NSString *str){ NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:NSDataBase64DecodingIgnoreUnknownCharacters]; return data;}#pragma mark - RSA私钥字符串解密+ (NSString *)rsaDecryptString:(NSString *)str privateKey:(NSString *)privKey{ if (!str) return nil; NSData *data = [[NSData alloc] initWithBase64EncodedString:str options:0]; data = [self decryptData:data privateKey:privKey]; NSString *ret = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding]; return ret;}+ (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey{ if(!data || !privKey){ return nil; } SecKeyRef keyRef = [self addPrivateKey:privKey]; if(!keyRef){ return nil; } return [self decryptData:data withKeyRef:keyRef];}+ (SecKeyRef)addPrivateKey:(NSString *)key{ NSRange spos = [key rangeOfString:@"-----BEGIN RSA PRIVATE KEY-----"]; NSRange epos = [key rangeOfString:@"-----END RSA PRIVATE KEY-----"]; if(spos.location != NSNotFound && epos.location != NSNotFound){ NSUInteger s = spos.location + spos.length; NSUInteger e = epos.location; NSRange range = NSMakeRange(s, e-s); key = [key substringWithRange:range]; } key = [key stringByReplacingOccurrencesOfString:@"\r" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\n" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@"\t" withString:@""]; key = [key stringByReplacingOccurrencesOfString:@" " withString:@""]; // This will be base64 encoded, decode it. NSData *data = base64_decode(key); data = [self stripPrivateKeyHeader:data]; if(!data){ return nil; } //a tag to read/write keychain storage NSString *tag = @"RSAUtil_PrivKey"; NSData *d_tag = [NSData dataWithBytes:[tag UTF8String] length:[tag length]]; // Delete any old lingering key with the same tag NSMutableDictionary *privateKey = [[NSMutableDictionary alloc] init]; [privateKey setObject:(__bridge id) kSecClassKey forKey:(__bridge id)kSecClass]; [privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [privateKey setObject:d_tag forKey:(__bridge id)kSecAttrApplicationTag]; SecItemDelete((__bridge CFDictionaryRef)privateKey); // Add persistent version of the key to system keychain [privateKey setObject:data forKey:(__bridge id)kSecValueData]; [privateKey setObject:(__bridge id) kSecAttrKeyClassPrivate forKey:(__bridge id) kSecAttrKeyClass]; [privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id) kSecReturnPersistentRef]; CFTypeRef persistKey = nil; OSStatus status = SecItemAdd((__bridge CFDictionaryRef)privateKey, &persistKey); if (persistKey != nil){ CFRelease(persistKey); } if ((status != noErr) && (status != errSecDuplicateItem)) { return nil; } [privateKey removeObjectForKey:(__bridge id)kSecValueData]; [privateKey removeObjectForKey:(__bridge id)kSecReturnPersistentRef]; [privateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; [privateKey setObject:(__bridge id) kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Now fetch the SecKeyRef version of the key SecKeyRef keyRef = nil; status = SecItemCopyMatching((__bridge CFDictionaryRef)privateKey, (CFTypeRef *)&keyRef); if(status != noErr){ return nil; } return keyRef;}+ (NSData *)stripPrivateKeyHeader:(NSData *)d_key{ // Skip ASN.1 private key header if (d_key == nil) return(nil); unsigned long len = [d_key length]; if (!len) return(nil); unsigned char *c_key = (unsigned char *)[d_key bytes]; unsigned int idx = 22; //magic byte at offset 22 if (0x04 != c_key[idx++]) return nil; //calculate length of the key unsigned int c_len = c_key[idx++]; int det = c_len & 0x80; if (!det) { c_len = c_len & 0x7f; } else { int byteCount = c_len & 0x7f; if (byteCount + idx > len) { //rsa length field longer than buffer return nil; } unsigned int accum = 0; unsigned char *ptr = &c_key[idx]; idx += byteCount; while (byteCount) { accum = (accum << 8) + *ptr; ptr++; byteCount--; } c_len = accum; } // Now make a new NSData from this buffer return [d_key subdataWithRange:NSMakeRange(idx, c_len)];}+ (NSData *)decryptData:(NSData *)data withKeyRef:(SecKeyRef) keyRef{ const uint8_t *srcbuf = (const uint8_t *)[data bytes]; size_t srclen = (size_t)data.length; size_t block_size = SecKeyGetBlockSize(keyRef) * sizeof(uint8_t); UInt8 *outbuf = malloc(block_size); size_t src_block_size = block_size; NSMutableData *ret = [[NSMutableData alloc] init]; for(int idx=0; idx<srclen; idx+=src_block_size){ //NSLog(@"%d/%d block_size: %d", idx, (int)srclen, (int)block_size); size_t data_len = srclen - idx; if(data_len > src_block_size){ data_len = src_block_size; } size_t outlen = block_size; OSStatus status = noErr; status = SecKeyDecrypt(keyRef, kSecPaddingNone, srcbuf + idx, data_len, outbuf, &outlen ); if (status != 0) { NSLog(@"SecKeyEncrypt fail. Error Code: %d", status); ret = nil; break; }else{ //the actual decrypted data is in the middle, locate it! int idxFirstZero = -1; int idxNextZero = (int)outlen; for ( int i = 0; i < outlen; i++ ) { if ( outbuf[i] == 0 ) { if ( idxFirstZero < 0 ) { idxFirstZero = i; } else { idxNextZero = i; break; } } } [ret appendBytes:&outbuf[idxFirstZero+1] length:idxNextZero-idxFirstZero-1]; } } free(outbuf); CFRelease(keyRef); return ret;}
阅读全文
1 0
- iOS开发中几种常见的加解密方式
- IOS开发各种加解密,编解码
- IOS开发各种加解密,编解码
- iOS开发探索-RSA加解密
- Base64加解密的实现方式
- DES方式加解密的简单介绍
- AES方式加解密的简单介绍
- Office加解密方式
- ios、java之间的RSA加解密
- 常见的几种加解密的方式
- iOS开发————数据本地化方式之SSKeychain--基础上进行CBC加解密
- iOS-AES加解密
- ios加解密
- ios RSA加解密
- iOS RSA加解密
- iOS AES128加解密
- CTF加密解密 常见的加密方式
- iOS开发 OC与java相对应的3DES加解密
- mobiscroll的简单应用(select、年月日)
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++七、Openstack创建网络
- Linux命令(34)——vi命令
- java复习2
- oracle 解决本机ip数据源连接不上的问题
- iOS开发中几种常见的加解密方式
- mysql慢查询日志
- 《linux内核完全剖析》读书笔记——第四章 80x86保护模式及其编程
- java判断三个数字的大小(判断a,b,c按顺序从大到小,从小到大输出)
- 学习!从汇编开始
- Sorted Union
- 字符串首字母排序加密
- 六大设计原则基本概念
- window.open和window.location.href的区别