二話不說缤至,先上Demohttps://github.com/haidumou/CZHEncryption
RSA加密
RSA使用"秘匙對"對數(shù)據(jù)進(jìn)行加密解密.在加密解密數(shù)據(jù)前,需要先生成公鑰(public key)和私鑰(private key).
- 公鑰(public key): 用于加密數(shù)據(jù). 用于公開, 一般存放在數(shù)據(jù)提供方, 例如iOS客戶端.
- 私鑰(private key): 用于解密數(shù)據(jù). 必須保密, 私鑰泄露會造成安全問題.
iOS中的Security.framework提供了對RSA算法的支持.這種方式需要對密匙對進(jìn)行處理, 根據(jù)public key生成證書, 通過private key生成p12格式的密匙.除了Secruty.framework, 也可以將openssl庫編譯到iOS工程中, 這可以提供更靈活的使用方式.
本文使用Security.framework的方式處理RSA.
RSA加密需要了解的幾點:
- 公鑰加密,私鑰解密且蓬。加密的系統(tǒng)和解密的系統(tǒng)分開部署蜡娶,加密的系統(tǒng)不應(yīng)該同時具備解密的功能
- 生成密文的長度等于密鑰長度混卵。密鑰長度越大,生成密文的長度也就越大窖张,加密的速度也就越慢幕随,而密文也就越難被破解掉。
- 生成密文的長度和明文長度無關(guān)宿接,但明文長度不能超過密鑰長度赘淮。不管明文長度是多少辕录,RSA 生成的密文長度總是固定的。但是明文長度不能超過密鑰長度梢卸。
- 在iOS中使用RSA加密解密走诞,需要用到.der和.p12后綴格式的文件,其中.der格式的文件存放的是公鑰(Public key)用于加密蛤高,.p12格式的文件存放的是私鑰(Private key)用于解密
DES加解密
const Byte iv[] = {1,2,3,4,5,6,7,8};
/*加密/
+ (NSString *)DESEncrypt:(NSString *)plainText key:(NSString *)key
{
NSString *ciphertext = nil;
NSData *textData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
NSUInteger dataLength = [textData length];
size_t bufferSize = dataLength + kCCBlockSizeDES;
void *buffer = malloc(bufferSize);
memset(buffer, 0, sizeof(char));
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding,
[key UTF8String], kCCKeySizeDES,
iv,
[textData bytes], dataLength,
buffer, bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
NSData *data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesEncrypted];
ciphertext = [data base64EncodedString];
}
return ciphertext;
}
/**解密*/ + (NSString *)DESDecrypt:(NSString *)cipherText key:(NSString *)key { NSString *plaintext = nil; NSData *cipherdata = [cipherText base64DecodedData]; NSUInteger dataLength = [cipherdata length]; size_t bufferSize = dataLength + kCCBlockSizeDES; void *buffer = malloc(bufferSize); memset(buffer, 0, sizeof(char)); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmDES, kCCOptionPKCS7Padding, [key UTF8String], kCCKeySizeDES, iv, [cipherdata bytes], dataLength, buffer, bufferSize, &numBytesDecrypted); if(cryptStatus == kCCSuccess) { NSData *plaindata = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesDecrypted]; plaintext = [[NSString alloc]initWithData:plaindata encoding:NSUTF8StringEncoding]; } return plaintext; }
AES加解密
/**加密*/
- (NSString *)AES256Encrypt:(NSString *)key
{
const char *cstr = [self cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:self.length];
//對數(shù)據(jù)進(jìn)行加密
NSData *result = [data AES256Encrypt:key];
//轉(zhuǎn)換為2進(jìn)制字符串
if (result && result.length > 0) {
Byte *datas = (Byte*)[result bytes];
NSMutableString *output = [NSMutableString stringWithCapacity:result.length * 2];
for(int i = 0; i < result.length; i++){
[output appendFormat:@"%02x", datas[i]];
}
return output;
}
return nil;
}
/**解密*/ - (NSString *)AES256Decrypt:(NSString *)key { //轉(zhuǎn)換為2進(jìn)制Data NSMutableData *data = [NSMutableData dataWithCapacity:self.length / 2]; unsigned char whole_byte; char byte_chars[3] = {'\0','\0','\0'}; int i; for (i = 0; i < [self length] / 2; i++) { byte_chars[0] = [self characterAtIndex:i*2]; byte_chars[1] = [self characterAtIndex:i*2+1]; whole_byte = strtol(byte_chars, NULL, 16); [data appendBytes:&whole_byte length:1]; } //對數(shù)據(jù)進(jìn)行解密 NSData* result = [data AES256Decrypt:key]; if (result && result.length > 0) { return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding]; } return nil; }
MD5加密
- (NSString *)stringToMD5
{
const char *fooData = [self UTF8String];
unsigned char result[CC_MD5_DIGEST_LENGTH];
//計算MD5的值, 這是官方封裝好的加密方法:把我們輸入的字符串轉(zhuǎn)換成16進(jìn)制的32位數(shù),然后存儲到result中
CC_MD5(fooData, (CC_LONG)strlen(fooData), result);
/**
第一個參數(shù):要加密的字符串
第二個參數(shù): 獲取要加密字符串的長度
第三個參數(shù): 接收結(jié)果的數(shù)組
*/
NSMutableString *saveResult = [NSMutableString string];
for (int i = 0; i < CC_MD5_DIGEST_LENGTH; i++) {
[saveResult appendFormat:@"%02x", result[i]];
}
/*
x表示十六進(jìn)制蚣旱,%02X 意思是不足兩位將用0補(bǔ)齊,如果多余兩位則不影響
NSLog("%02X", 0x888); //888
NSLog("%02X", 0x4); //04
*/
return saveResult;
}
