"APP的數據安全已經牽動著我們開發者的心,簡單的MD5/Base64等已經難以滿足當下的數據安全標准,本文簡單的介紹下AES與Base64的混合加密與解密"
AES:高級加密標准(英語:Advanced Encryption Standard,縮寫:AES),在密碼學中又稱Rijndael加密法,是美國聯邦政府采用的一種區塊加密標准。這個標准用來替代原先的DES,已經被多方分析且廣為全世界所使用。經過五年的甄選流程,高級加密標准由美國國家標准與技術研究院(NIST)於2001年11月26日發布於FIPS PUB 197,並在2002年5月26日成為有效的標准。2006年,高級加密標准已然成為對稱密鑰加密中最流行的算法之一。
以上是來自百度百科的解釋。
下面我將用代碼來闡述其使用方法。 首先我們創建一個NSData的類擴展,命名為AES,創建完如果對的話應該是這樣的NSData+AES然後導入如下頭文件
#import 《CommonCrypto/CommonDigest.h》 #import 《CommonCrypto/CommonCryptor.h》
再增加加解密的方法,方便外部文件的調用,寫完.h文件如下
#import 《Foundation/Foundation.h》 #import 《CommonCrypto/CommonDigest.h》 #import 《CommonCrypto/CommonCryptor.h》 @interface NSData (AES) //加密 - (NSData *) AES256_Encrypt:(NSString *)key; //解密 - (NSData *) AES256_Decrypt:(NSString *)key; //追加64編碼 - (NSString *)newStringInBase64FromData; //同上64編碼 + (NSString*)base64encode:(NSString*)str; @end
.m文件中依次實現這幾個方法,具體如下
#import "NSData+AES.h"static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; @implementation NSData (AES) //加密 - (NSData *) AES256_Encrypt:(NSString *)key{ char keyPtr[kCCKeySizeAES256+1]; bzero(keyPtr, sizeof(keyPtr)); [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [self bytes], dataLength, buffer, bufferSize, &numBytesEncrypted); if (cryptStatus == kCCSuccess) { return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; } free(buffer); return nil;} //解密- (NSData *) AES256_Decrypt:(NSString *)key{ char keyPtr[kCCKeySizeAES256+1]; bzero(keyPtr, sizeof(keyPtr)); [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [self bytes], dataLength, buffer, bufferSize, &numBytesDecrypted); if (cryptStatus == kCCSuccess) { return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; } free(buffer); return nil;} //追加64編碼- (NSString *)newStringInBase64FromData { NSMutableString *dest = [[NSMutableString alloc] initWithString:@""]; unsigned char * working = (unsigned char *)[self bytes]; int srcLen = (int)[self length]; for (int i=0; i> ix) & 0x3F); [dest appendFormat:@"%c", base64[curr]]; } } return dest;} + (NSString*)base64encode:(NSString*)str{ if ([str length] == 0) return @""; const char *source = [str UTF8String]; int strlength = (int)strlen(source); char *characters = malloc(((strlength + 2) / 3) * 4); if (characters == NULL) return nil; NSUInteger length = 0; NSUInteger i = 0; while (i < strlength) { char buffer[3] = {0,0,0}; short bufferLength = 0; while (bufferLength < 3 && i < strlength) buffer[bufferLength++] = source[i++]; characters[length++] = base64[(buffer[0] & 0xFC) >> 2]; characters[length++] = base64[((buffer[0] & 0x03) << 4) | ((buffer[1] & 0xF0) >> 4)]; if (bufferLength > 1) characters[length++] = base64[((buffer[1] & 0x0F) << 2) | ((buffer[2] & 0xC0) >> 6)]; else characters[length++] = '='; if (bufferLength > 2) characters[length++] = base64[buffer[2] & 0x3F]; else characters[length++] = '='; } NSString *g = [[NSString alloc] initWithBytesNoCopy:characters length:length encoding:NSASCIIStringEncoding freeWhenDone:YES]; return g;} @end
AES+Base64的加密方式到此已經結束了,下面講一下單純的AES字符串加密的。
和上面的基本上差不多,寫一個NSString的類擴展,命名為AES,創建完如果對的話應該是這樣的NSString+AES導入如下頭文件
#import "NSData+AES.h"
同樣的把加解密的方法寫在.h文件中,寫完如下
#import 《Foundation/Foundation.h》 #import "NSData+AES.h" @interface NSString (AES) //加密 - (NSString *) AES256_Encrypt:(NSString *)key; //解密 - (NSString *) AES256_Decrypt:(NSString *)key; @end
.m實現方法
//加密 - (NSString *) AES256_Encrypt:(NSString *)key{ const char *cstr = [self cStringUsingEncoding:NSUTF8StringEncoding]; NSData *data = [NSData dataWithBytes:cstr length:self.length]; //對數據進行加密 NSData *result = [data AES256_Encrypt:key]; //轉換為2進制字符串 if (result && result.length > 0) { Byte *datas = (Byte*)[result bytes]; NSMutableString *output = [NSMutableString stringWithCapacity:result.length * 2]; for(int i = 0; i < result.length; i++){ [output appendFormat:@"x", datas[i]]; } return output; } return nil; } //解密 - (NSString *) AES256_Decrypt:(NSString *)key{ //轉換為2進制Data NSMutableData *data = [NSMutableData dataWithCapacity:self.length / 2]; unsigned char whole_byte; char byte_chars[3] = {'\0','\0','\0'}; int i; for (i=0; i < [self length] / 2; i++) { byte_chars[0] = [self characterAtIndex:i*2]; byte_chars[1] = [self characterAtIndex:i*2+1]; whole_byte = strtol(byte_chars, NULL, 16); [data appendBytes:&whole_byte length:1]; } //對數據進行解密 NSData* result = [data AES256_Decrypt:key]; if (result && result.length > 0) { return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding]; } return nil; }
到此我們加密的文件基本上都已經OK了,下面我們來簡單的的使用一下,具體如下:
#import "ViewController.h" #import "NSString+AES.h"@interface ViewController ()@end@implementation ViewController- (void)viewDidLoad { [super viewDidLoad]; // Do any additional setup after loading the view, typically from a nib. //字符串加密 NSString *key = @"12345678";//Key是和後台約定的key哦,不然無法解密.... NSString *secret = @"aes Bison base64"; NSLog(@"字符串加密---%@",[secret AES256_Encrypt:key]); //字符串解密 NSLog(@"字符串解密---%@",[[secret AES256_Encrypt:key] AES256_Decrypt:key]); //NSData加密+base64 NSData *plain = [secret dataUsingEncoding:NSUTF8StringEncoding]; NSData *cipher = [plain AES256_Encrypt:key]; NSLog(@"NSData加密+base64++++%@",[cipher newStringInBase64FromData]); //解密 plain = [cipher AES256_Decrypt:key]; NSLog(@"NSData解密+base64++++%@", [[NSString alloc] initWithData:plain encoding:NSUTF8StringEncoding]);}@end
運行得到打印的結果如下:
2016-03-30 17:31:55.686 AES_256[14242:198853] 字符串加密---07815ca46d20acc3ba4e43d6930c7537496e851a36dbeac34fa30c5796089b02 2016-03-30 17:31:55.687 AES_256[14242:198853] 字符串解密---aes Bison base64 2016-03-30 17:31:55.687 AES_256[14242:198853] NSData加密+base64++++B4FcpG0grMO6TkPWkwx1N0luhRo22+rDT6MMV5YImwI 2016-03-30 17:31:55.687 AES_256[14242:198853] NSData解密+base64++++aes Bison base64
##值得注意的是Key是和後台約定的key哦,不然無法解密….
最後留下demo下載地址