前言 des加密做的时候后端前端ios和安卓三端需统一
1、DES加密有两种模式,ECB和CBC。还有就是填充模式,ios的填充模式只有两种 kCCOptionPKCS7Padding 和kCCOptionPKCS7Padding | kCCOptionECBMode。而后台填充模式就多了。这就需要一一对应才能实现加密和解密。
2、具体的对应模式是
java的DES/ECB/PKCS5Padding对应ios的kCCOptionPKCS7Padding | kCCOptionECBMode
java的DES/CBC/PKCS5Padding对应ios的kCCOptionPKCS7Padding
2.1 在CBC(不光是DES算法)模式下,iv通过随机数(或伪随机)机制产生是一种比较常见的方法。iv的作用主要是用于产生密文的第一个block,以使最终生成的密文产生差异(明文相同的情况下),使密码攻击变得更为困难,除此之外iv并无其它用途。最大的好处是,即使相同的明文,相同的密钥,也能产生不同的密文
3、+(NSData*) encryptUseDES:(NSString*)plainText key:(NSString*)key
{ NSData*data;
NSString*ciphertext =nil;
NSData *textData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
NSUIntegerdataLength = [textDatalength];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesEncrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding ,
[keyUTF8String],kCCKeySizeDES,
iv,
[textDatabytes], dataLength,
buffer,1024,
&numBytesEncrypted);
if(cryptStatus ==kCCSuccess) {
data = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesEncrypted];
}
returndata;
}
constByteiv[] = {1,2,3,4,5,6,7,8}; constByteiv[] = {0,1,2,3,4,5,6,7};
两个iv任选其一,必须要和你的后台对应。(CBC模式)
+(NSData*) encryptUseDES:(NSString*)plainText key:(NSString*)key
{ NSData*data;
NSString*ciphertext =nil;
NSData *textData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
NSUIntegerdataLength = [textDatalength];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesEncrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding | kCCOptionECBMode,
[keyUTF8String],kCCKeySizeDES,
NULL,
[textDatabytes], dataLength,
buffer,1024,
&numBytesEncrypted);
if(cryptStatus ==kCCSuccess) {
data = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesEncrypted];
}
returndata;
}
不需要初始化iv的加密。(ECB模式)
5.具体的解密如下:
+(NSString*)decryptUseDES:(NSData*)cipherdata key:(NSString*)key
{
NSData*plaindata =nil;
NSString*plaintext =nil;
// NSData *cipherdata = [GTMBase64 decodeString:cipherText];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesDecrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding ,
[keyUTF8String],kCCKeySizeDES,
iv,
[cipherdatabytes], [cipherdatalength],
buffer,1024,
&numBytesDecrypted);
if(cryptStatus ==kCCSuccess)
{
NSData*plaindata = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesDecrypted];
plaintext = [[NSString alloc]initWithData:plaindata encoding:NSUTF8StringEncoding];
}
returnplaintext;
}
需要iv的解密。
+(NSString*)decryptUseDES:(NSData*)cipherdata key:(NSString*)key
{
NSData*plaindata =nil;
NSString*plaintext =nil;
// NSData *cipherdata = [GTMBase64 decodeString:cipherText];
unsignedcharbuffer[1024];
memset(buffer,0,sizeof(char));
size_tnumBytesDecrypted =0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmDES,
kCCOptionPKCS7Padding | kCCOptionECBMode,
[keyUTF8String],kCCKeySizeDES,
NULL,
[cipherdatabytes], [cipherdatalength],
buffer,1024,
&numBytesDecrypted);
if(cryptStatus ==kCCSuccess)
{
NSData*plaindata = [NSDatadataWithBytes:bufferlength:(NSUInteger)numBytesDecrypted];
plaintext = [[NSString alloc]initWithData:plaindata encoding:NSUTF8StringEncoding];
}
returnplaintext;
}
不需要iv的解密。
贡献文章 DES填充方式与初始向量IV的作用
网友评论