公司需要自己課件疮丛，講義等文件只能由自己的app打開幔嫂，不能夠由別的工具打開辆它，防止盜版。主要是pdf

無論是音頻履恩，視頻锰茉，文本文件，本質(zhì)只不過是一堆二進(jìn)制數(shù)據(jù)切心，之所以能夠被播放和閱讀洞辣，是因?yàn)檫@些二進(jìn)制數(shù)據(jù)都按照有自己特定的格式組合了數(shù)據(jù)，相應(yīng)的軟件可以根據(jù)約定好的格式去解析里面的數(shù)據(jù)然后呈現(xiàn)出相應(yīng)的結(jié)果昙衅。

pdf結(jié)構(gòu)格式介紹參考:
http://blog.csdn.net/pdfmaker/article/details/573990
同時(shí)可以使用工具PDFStreamDumper查看對(duì)應(yīng)的結(jié)構(gòu)扬霜。根據(jù)里面的結(jié)構(gòu)依次讀取二進(jìn)制文件信息結(jié)合pdf協(xié)議就可以制作pdf閱讀器，但是這應(yīng)該不是一個(gè)簡(jiǎn)單的事情而涉。pdf文件是支持設(shè)定密碼的著瓶，但是這里的需求不是用pdf自帶的密碼機(jī)制，而是希望對(duì)文件進(jìn)行加密啼县〔脑可以參考http://blog.csdn.net/pdfMaker/article/details/576210 在pdf格式的基礎(chǔ)上增加字段自定義自己的格式，但是有點(diǎn)復(fù)雜季眷，而且文中所介紹的pdf加密主要是對(duì)于普通用戶設(shè)置密碼和這里需求也不太一樣余蟹，如果這樣需要實(shí)現(xiàn)用戶口令驗(yàn)證算法和pdf加密算法。這兩個(gè)算法需要自己設(shè)計(jì)子刮，而且不能太簡(jiǎn)單威酒，因?yàn)閜df文件格式不像視頻那樣復(fù)雜惰蜜，所有的密碼信息都再文本中史侣，過于簡(jiǎn)單容易破解。而且課件還可能是ppt暇榴，如果用這樣的辦法加密ppt文件是不可行的橱赠。所有考慮到應(yīng)該對(duì)整個(gè)文件進(jìn)行加密尤仍。使用AES加密算法，下面的是AES算法是aes/ecb/pck5padding+base64

php 端

案例

header("Content-type: text/html; charset=utf-8");
require_once 'aes.php';
$content = file_get_contents('group.pdf');
$aes = new Security('1234567812345678', '');//密碼長(zhǎng)度16位
$res = $aes->encrypt($content);
file_put_contents('encrypt_pdf.pdf', $res);

php 加密類

class Security {

    private $key = null;
    private $signKey = null;
    /**
     *
     * @param $key      密鑰
     * @return String
     */
    public function __construct($key = null, $signKey = null) {

        if(is_null($key)) {
            throw new \Exception('set sccret key please.');
        }
        if(is_null($signKey)) {
            throw new \Exception('set sign key please.');
        }
        $this->key = $key;
        $this->signKey = $signKey;

    }
    /**
     * 加密
     * @param String input 加密的字符串
     * @param String key   解密的key
     * @return HexString
     */
    public function encrypt($input) {

        $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);
        $input = $this->pkcs5_pad($input, $size);
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');
        $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        mcrypt_generic_init($td, $this->key, $iv);
        $data = mcrypt_generic($td, $input);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        $data = base64_encode($data);
        return $data;

    }
    /**
     * 填充方式 pkcs5
     * @param String text        原始字符串
     * @param String blocksize   加密長(zhǎng)度
     * @return String
     */
    private function pkcs5_pad($text, $blocksize) {

        $pad = $blocksize - (strlen($text) % $blocksize);
        return $text . str_repeat(chr($pad), $pad);

    }

    /**
     * 解密
     * @param String input 解密的字符串
     * @param String key   解密的key
     * @return String
     */
    public function decrypt($sStr) {

        $decrypted= mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$this->key,base64_decode($sStr), MCRYPT_MODE_ECB);
        $dec_s = strlen($decrypted);
        $padding = ord($decrypted[$dec_s-1]);
        $decrypted = substr($decrypted, 0, -$padding);
        return $decrypted;
    }
}

iOS客戶端

使用了Reader 庫(kù):https://github.com/vfr/Reader狭姨，這是一個(gè)非常強(qiáng)大的開源pdf閱讀器宰啦。經(jīng)過研究發(fā)現(xiàn)系統(tǒng)加載pdf文件可以通過二進(jìn)制也可以通過文本路徑，所有我們可以以二進(jìn)制的方式讀取文件饼拍，先得到二進(jìn)制數(shù)據(jù)赡模，然后對(duì)NSData進(jìn)行解密后交給Reader庫(kù)處理。通過觀察可以發(fā)現(xiàn)該庫(kù)判斷一個(gè)文件是不是pdf就是根據(jù)pdf文件格式的前面部分是否包含pdf版本信息來確定的惕耕，加密后的文件是不會(huì)包含這些信息的纺裁，所以這可以作為是否加密的依據(jù)，這樣就可以同時(shí)打開加密的和不加密文件了。

更改 ReadContentPage.m 文件

    - (instancetype)initWithURL:(NSURL *)fileURL page:(NSInteger)page password:(NSString *)phrase
_PDFDocRef = CGPDFDocumentCreateUsingUrl((__bridge CFURLRef)fileURL, phrase);
        
        if (!_PDFDocRef) {
            NSData * data =  [NSData dataWithContentsOfURL:fileURL]; // CFURLRef from NSURL
            NSString *base64Encoded = [[NSString alloc]
                                       initWithData:data encoding:NSUTF8StringEncoding];
            data = [[NSData alloc]
                    initWithBase64EncodedString:base64Encoded options:0];
            data = [data AES256_Decrypt:@"1234567812345678"];;
            
            _PDFDocRef  = CGPDFDocumentCreateUsingData(CGDataProviderCreateWithCFData((CFDataRef)data), phrase);
        }

更改 ReaderDocument.m

- (instancetype)initWithFilePath:(NSString *)filePath password:(NSString *)phrase {
        if ([ReaderDocument isPDF:filePath] == YES) {
            CFURLRef docURLRef = (__bridge CFURLRef)[self fileURL]; // CFURLRef from NSURL
            thePDFDocRef = CGPDFDocumentCreateUsingUrl(docURLRef, _password);
        } else {
            NSData * data =  [NSData dataWithContentsOfFile:filePath]; // CFURLRef from NSURL
            NSString *base64Encoded = [[NSString alloc]
                                       initWithData:data encoding:NSUTF8StringEncoding];
            data = [[NSData alloc]
                    initWithBase64EncodedString:base64Encoded options:0];
            data = [data AES256_Decrypt:@"1234567812345678"];;
            thePDFDocRef  = CGPDFDocumentCreateUsingData(            CGDataProviderCreateWithCFData((CFDataRef)data), _password);
        }
}

iOS客戶端加密代碼 ：

@interface NSString (AES)

- (NSString *) AES256_Encrypt:(NSString *)key;

 - (NSString *) AES256_Decrypt:(NSString *)key;

- (NSString *)stringFromByte:(Byte)byteVal;
- (NSString *)hexStringFromData:(NSData *)data;

@end

//
//  NSString+AES.m
//  UIImage+PDF example
//
//  Created by Me on 17/7/2.
//
//

#import "NSString+AES.h"
#import "NSData+AES.h"

@implementation NSString (AES)
- (NSString *) AES256_Encrypt:(NSString *)key{
    const char *cstr = [self cStringUsingEncoding:NSUTF8StringEncoding];
    NSData *data = [NSData dataWithBytes:cstr length:self.length];
    //對(duì)數(shù)據(jù)進(jìn)行加密
    NSData *result = [data AES256_Encrypt:key];
    
    //轉(zhuǎn)換為2進(jìn)制字符串
    if (result && result.length > 0) {
        
        Byte *datas = (Byte*)[result bytes];
        NSMutableString *output = [NSMutableString stringWithCapacity:result.length * 2];
        for(int i = 0; i < result.length; i++){
            [output appendFormat:@"%02x", datas[i]];
        }
        return output;
    }
    return nil;
}

//解密
- (NSString *) AES256_Decrypt:(NSString *)key{
    //轉(zhuǎn)換為2進(jìn)制Data
    NSMutableData *data = [NSMutableData dataWithCapacity:self.length / 2];
    unsigned char whole_byte;
    char byte_chars[3] = {'\0','\0','\0'};
    int i;
    for (i=0; i < [self length] / 2; i++) {
        byte_chars[0] = [self characterAtIndex:i*2];
        byte_chars[1] = [self characterAtIndex:i*2+1];
        whole_byte = strtol(byte_chars, NULL, 16);
        [data appendBytes:&whole_byte length:1];
    }
    
    //對(duì)數(shù)據(jù)進(jìn)行解密
    NSData* result = [data AES256_Decrypt:key];
    if (result && result.length > 0) {
        return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
    }
    return nil;
}

- (NSString *)stringFromByte:(Byte)byteVal
{
    NSMutableString *str = [NSMutableString string];
    
    //取高四位
    Byte byte1 = byteVal>>4;
    //取低四位
    Byte byte2 = byteVal & 0xf;
    //拼接16進(jìn)制字符串
    [str appendFormat:@"%x",byte1];
    [str appendFormat:@"%x",byte2];
    return str;
}

- (NSString *)hexStringFromData:(NSData *)data
{
    NSMutableString *str = [NSMutableString string];
    Byte *byte = (Byte *)[data bytes];
    for (int i = 0; i<[data length]; i++) {
        // byte+i為指針
        [str appendString:[self stringFromByte:*(byte+i)]];
    }
    return str;
}
@end

//
//  NSData+AES.h
//  UIImage+PDF example
//
//  Created by Me on 17/7/2.
//
//

#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonDigest.h>
#import <CommonCrypto/CommonCryptor.h>

@interface NSData (AES)

- (NSData *) AES256_Encrypt:(NSString *)key;

- (NSData *) AES256_Decrypt:(NSString *)key;

- (NSString *)newStringInBase64FromData;

+(NSString*)base64encode:(NSString*)str;

- (NSData *)dataFromHexString:(NSString *)hexStr;
@end

//
//  NSData+AES.m
//  UIImage+PDF example
//
//  Created by 王國(guó)棟 on 17/7/2.
//
//

#import "NSData+AES.h"

static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

@implementation NSData (AES)
- (NSData *) AES256_Encrypt:(NSString *)key{
    char keyPtr[kCCKeySizeAES256+1];
    bzero(keyPtr, sizeof(keyPtr));
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    NSUInteger dataLength = [self length];
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
                                          kCCOptionPKCS7Padding | kCCOptionECBMode,
                                          keyPtr, kCCBlockSizeAES128,
                                          NULL,
                                          [self bytes], dataLength,
                                          buffer, bufferSize,
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }
    free(buffer);
    return nil;
}

 - (NSData *) AES256_Decrypt:(NSString *)key{

char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128,
                                      kCCOptionPKCS7Padding | kCCOptionECBMode,
                                      keyPtr, kCCBlockSizeAES128,
                                      NULL,
                                      [self bytes], dataLength,
                                      buffer, bufferSize,
                                      &numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    
}
free(buffer);
return nil;
}

- (NSString *)newStringInBase64FromData
{
    NSMutableString *dest = [[NSMutableString alloc] initWithString:@""]; 
    unsigned char * working = (unsigned char *)[self bytes];
    int srcLen = (int)[self length];
    for (int i=0; i<srcLen; i += 3) {
        for (int nib=0; nib<4; nib++) {
            int byt = (nib == 0)?0:nib-1;
            int ix = (nib+1)*2;
            if (i+byt >= srcLen)
                 break;
            unsigned char curr = ((working[i+byt] << (8-ix)) & 0x3F);
            if (i+nib < srcLen) curr |= ((working[i+nib] >> ix) & 0x3F);
            [dest appendFormat:@"%c", base64[curr]];
          }
  }
    return dest;
}
+ (NSString*)base64encode:(NSString*)str
{
     if ([str length] == 0)
          return @"";
    const char *source = [str UTF8String];
    int strlength  = (int)strlen(source);
    char *characters = malloc(((strlength + 2) / 3) * 4);
    if (characters == NULL)
        return nil;
    NSUInteger length = 0;
    NSUInteger i = 0;
        while (i < strlength) {
        char buffer[3] = {0,0,0};
        short bufferLength = 0;
        while (bufferLength < 3 && i < strlength)
         buffer[bufferLength++] = source[i++];
        characters[length++] = base64[(buffer[0] & 0xFC) >> 2];
        characters[length++] = base64[((buffer[0] & 0x03) << 4) | ((buffer[1] & 0xF0) >> 4)];
        if (bufferLength > 1)         
   characters[length++] = base64[((buffer[1] & 0x0F) << 2) | ((buffer[2] & 0xC0) >> 6)];
        else characters[length++] = '=';
        if (bufferLength > 2)
            characters[length++] = base64[buffer[2] & 0x3F];
        else characters[length++] = '=';
    }
    NSString *g = [[NSString alloc] initWithBytesNoCopy:characters length:length encoding:NSASCIIStringEncoding freeWhenDone:YES];
    return g;
    
}
@end

算法升級(jí)

上面的是固定密鑰欺缘，不安全栋豫。可以考慮每個(gè)文件一個(gè)密鑰谚殊，可以由服務(wù)器記錄每個(gè)文件和對(duì)應(yīng)的密鑰丧鸯，但是麻煩。所以可以考慮到把密鑰進(jìn)行加密后寫在文件的末尾或者頭部嫩絮，客戶端直接從相應(yīng)位置提取丛肢，根據(jù)相應(yīng)的算法先解密密鑰，比如可以使用RSA算法加密密鑰剿干。服務(wù)器用公鑰加密蜂怎，客戶端保存私鑰。