iOS开发 --- 加密加盐(AES|CBC|PKCS7)

Posted iOS开发-上海

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了iOS开发 --- 加密加盐(AES|CBC|PKCS7)相关的知识,希望对你有一定的参考价值。

加密模式:CBC

填充(CCOptions):kCCOptionPKCS7Padding

偏移量:iv

一,未加盐

1.1客户端ios

//通用加密方法
+ (NSString *)encryptString:(NSString *)plainSourceStringToEncrypt key:(NSString *)key;
//通用解密方法
+ (NSString *)decryptString:(NSString *)base64StringToDecrypt key:(NSString *)key;

加密方法实现:

+ (NSString *)encryptString:(NSString *)plainSourceStringToEncrypt key:(NSString *)key
    NSData *_secretData = [plainSourceStringToEncrypt dataUsingEncoding:NSUTF8StringEncoding];
    
    // You can use md5 to make sure key is 16 bits long
    NSData *encryptedData = [self doCipher:_secretData context:kCCEncrypt key:key];
    
    return [encryptedData base64EncodingWithLineLength:0];

解密方法方法实现:

//通用解密方法
+ (NSString *)decryptString:(NSString *)base64StringToDecrypt key:(NSString *)key
    NSData *data = [self doCipher:[NSData dataWithBase64EncodedString:base64StringToDecrypt] context:kCCDecrypt key:key];
    return [[[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding] autorelease];

+  (NSData *)doCipher:(NSData *)plainText context:(CCOperation)encryptOrDecrypt key:(NSString *)key
   
    NSData *aSymmetricKey = [key dataUsingEncoding:NSUTF8StringEncoding];
    
    CCCryptorStatus ccStatus   = kCCSuccess;
    size_t          cryptBytes = 0;    // Number of bytes moved to buffer.
    NSMutableData  *dataOut    = [NSMutableData dataWithLength:plainText.length + 32];
    ccStatus = CCCrypt( encryptOrDecrypt,
                       kCCAlgorithmAES128,
                       kCCOptionPKCS7Padding,
                       (const void *)[aSymmetricKey bytes],
                       32,
                       ivBuff,
                       plainText.bytes,
                       plainText.length,
                       dataOut.mutableBytes,
                       dataOut.length,
                       &cryptBytes);
    
    if (ccStatus != kCCSuccess) 
        
        NSLog(@"CCCrypt status: %d", ccStatus);
    
 
    dataOut.length = cryptBytes;
    
    return dataOut;

1.2 服务端

public static string Encrypt(string p_Content, string p_Key)
        
            return Encrypt(PaddingMode.PKCS7, CipherMode.CBC, p_Content, p_Key);
        
public static string Encrypt(PaddingMode p_PMode, CipherMode p_CMode, string p_Content, string p_Key)
        
            
           byte[] bytes = Encoding.UTF8.GetBytes(p_Key);
            byte[] inputBuffer = Encoding.UTF8.GetBytes(p_Content);
            RijndaelManaged managed = new RijndaelManaged
            
                Key = bytes,
                Mode = p_CMode,
                Padding = p_PMode,
                IV = _IV
            ;
            byte[] inArray = managed.CreateEncryptor().TransformFinalBlock(inputBuffer, 0, inputBuffer.Length);
            return Convert.ToBase64String(inArray, 0, inArray.Length);

 二,加盐 

2.1 客户端iOS

/**
 * 对加解密的key进行加盐操作
 * @param key
 * @param salt
 * @return
 */
+  (NSData *)AESAddSaltForKey:(NSString *)key
                     salt:(NSString *)salt 
    NSMutableData *derivedKey = [NSMutableData dataWithLength:32];
    NSData *saltData  = [salt dataUsingEncoding:NSUTF8StringEncoding];
    int result = CCKeyDerivationPBKDF(kCCPBKDF2,            // algorithm
                                  key.UTF8String,  // password
                                  [key lengthOfBytesUsingEncoding:NSUTF8StringEncoding],  // passwordLength
                                  saltData.bytes,           // salt
                                  saltData.length,          // saltLen
                                  kCCPRFHmacAlgSHA1,    // PRF
                                  10000,         // rounds
                                  derivedKey.mutableBytes, // derivedKey
                                  derivedKey.length); // derivedKeyLen
    
    // Do not log password here
    NSAssert(result == kCCSuccess,
             @"Unable to create AES key for key: %d", result);
    
    return derivedKey;

+  (NSData *)doCipher:(NSData *)plainText context:(CCOperation)encryptOrDecrypt key:(NSString *)key
   
//    CCKeyDerivationPBKDF
//    CCCalibratePBKDF
    NSString *salt = @"234567890-!@#$%^&*()_+QWERTYUIOPASDFGHJKL:XCVBNM<>";
    NSData *aSymmetricKey = [self AESKeyForKey:key salt:salt];
  
    CCCryptorStatus ccStatus   = kCCSuccess;
    size_t          cryptBytes = 0;    // Number of bytes moved to buffer.
    NSMutableData  *dataOut    = [NSMutableData dataWithLength:plainText.length + 32];
    ccStatus = CCCrypt( encryptOrDecrypt,
                       kCCAlgorithmAES128,
                       kCCOptionPKCS7Padding,
                       (const void *)[aSymmetricKey bytes],
                       32,
                       ivBuff,
                       plainText.bytes,
                       plainText.length,
                       dataOut.mutableBytes,
                       dataOut.length,
                       &cryptBytes);
    
    if (ccStatus != kCCSuccess) 
        
        NSLog(@"CCCrypt status: %d", ccStatus);
    
 
    dataOut.length = cryptBytes;
    
    return dataOut;

2.2服务端

相关文章

How to add salt to AES Encryption in iOS and decrypting it using objective c

Cocoaphony

GitHub - lgc107/CommonCrypto: 文集https://www.jianshu.com/nb/25932942 的代码示例

在线AES加解密

iOS AES的加密解密

以上是关于iOS开发 --- 加密加盐(AES|CBC|PKCS7)的主要内容,如果未能解决你的问题,请参考以下文章

IOS AES加密

iOS AES128加密解密的两种模式(CBC和ECB)

iOS开发--AES加密中的那些坑

在 Android 中的 iOS AES/CBC/PKCS7Padding 128 位算法中加密的解密字符串的问题

如何在iOS Swift 3中加密AES 256 CBC,如laravel encrypt()方法

javascript 与 PHP 通信加密,使用AES 128 CBC no padding,以及ios,java,c#文章例子