美文网首页
对称加密工具类

对称加密工具类

作者: 锦鲤跃龙 | 来源:发表于2017-09-30 10:22 被阅读0次

    源文件

    头文件

    包含终端命令,可以验证加密结果是否正确

    
    #import <Foundation/Foundation.h>
    #import <CommonCrypto/CommonCrypto.h>
    
    /**
     *  终端测试指令
     * 其中 -k 是key的ascii码
     * 可以利用
     *  DES(ECB)加密
     *  $ echo -n hello | openssl enc -des-ecb -K 616263 -nosalt | base64
     *
      * DES(CBC)加密
     *  $ echo -n hello | openssl enc -des-cbc -iv 0102030405060708 -K 616263 -nosalt | base64
     *
     *  AES(ECB)加密
     *  $ echo -n hello | openssl enc -aes-128-ecb -K 616263 -nosalt | base64
     *
     *  AES(CBC)加密
     *  $ echo -n hello | openssl enc -aes-128-cbc -iv 0102030405060708 -K 616263 -nosalt | base64
     *
     *  DES(ECB)解密
     *  $ echo -n HQr0Oij2kbo= | base64 -D | openssl enc -des-ecb -K 616263 -nosalt -d
     *
     *  DES(CBC)解密
     *  $ echo -n alvrvb3Gz88= | base64 -D | openssl enc -des-cbc -iv 0102030405060708 -K 616263 -nosalt -d
     *
     *  AES(ECB)解密
     *  $ echo -n d1QG4T2tivoi0Kiu3NEmZQ== | base64 -D | openssl enc -aes-128-ecb -K 616263 -nosalt -d
     *
     *  AES(CBC)解密
     *  $ echo -n u3W/N816uzFpcg6pZ+kbdg== | base64 -D | openssl enc -aes-128-cbc -iv 0102030405060708 -K 616263 -nosalt -d
     *
     *  提示:
     *      1> 加密过程是先加密,再base64编码
     *      2> 解密过程是先base64解码,再解密
     */
    @interface EncryptionTools : NSObject
    
    + (instancetype)sharedEncryptionTools;
    
    /**
     @constant   kCCAlgorithmAES     高级加密标准,128位(默认)
     @constant   kCCAlgorithmDES     数据加密标准
     */
    @property (nonatomic, assign) uint32_t algorithm;
    
    /**
     *  加密字符串并返回base64编码字符串
     *
     *  @param string    要加密的字符串
     *  @param keyString 加密密钥
     *  @param iv        初始化向量(8个字节)
     *
     *  @return 返回加密后的base64编码字符串
     */
    - (NSString *)encryptString:(NSString *)string keyString:(NSString *)keyString iv:(NSData *)iv;
    
    /**
     *  解密字符串
     *
     *  @param string    加密并base64编码后的字符串
     *  @param keyString 解密密钥
     *  @param iv        初始化向量(8个字节)
     *
     *  @return 返回解密后的字符串
     */
    - (NSString *)decryptString:(NSString *)string keyString:(NSString *)keyString iv:(NSData *)iv;
    
    @end
    

    体文件

    
    #import "EncryptionTools.h"
    
    @interface EncryptionTools()
    @property (nonatomic, assign) int keySize;
    @property (nonatomic, assign) int blockSize;
    @end
    
    @implementation EncryptionTools
    
    + (instancetype)sharedEncryptionTools {
        static EncryptionTools *instance;
        
        static dispatch_once_t onceToken;
        dispatch_once(&onceToken, ^{
            instance = [[self alloc] init];
            instance.algorithm = kCCAlgorithmAES;
        });
        
        return instance;
    }
    
    - (void)setAlgorithm:(uint32_t)algorithm {
        _algorithm = algorithm;
        switch (algorithm) {
            case kCCAlgorithmAES:
                self.keySize = kCCKeySizeAES128;
                self.blockSize = kCCBlockSizeAES128;
                break;
            case kCCAlgorithmDES:
                self.keySize = kCCKeySizeDES;
                self.blockSize = kCCBlockSizeDES;
                break;
            default:
                break;
        }
    }
    
    - (NSString *)encryptString:(NSString *)string keyString:(NSString *)keyString iv:(NSData *)iv {
        
        // 设置秘钥
        NSData *keyData = [keyString dataUsingEncoding:NSUTF8StringEncoding];
        uint8_t cKey[self.keySize];
        bzero(cKey, sizeof(cKey));
        [keyData getBytes:cKey length:self.keySize];
        
        // 设置iv
        uint8_t cIv[self.blockSize];
        bzero(cIv, self.blockSize);
        int option = 0;
        if (iv) {
            [iv getBytes:cIv length:self.blockSize];
            option = kCCOptionPKCS7Padding;
        } else {
            option = kCCOptionPKCS7Padding | kCCOptionECBMode;
        }
        
        // 设置输出缓冲区
        NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
        size_t bufferSize = [data length] + self.blockSize;
        void *buffer = malloc(bufferSize);
        
        // 开始加密
        size_t encryptedSize = 0;
        /*
         CCCrypt:对称加密的核心函数(加密、解密)
         参数:
         1:加密kCCEncrypt、解密kCCDecrypt
         2:加密算法 AES/DES 
         kCCAlgorithmAES     高级加密标准
         kCCAlgorithmDES     数据加密标准
         
         3.加密选项:ECB/CBC
         4.加密的密钥 
         5.密钥长度
         6.iv 初始化向量
         7.加密的长度
         8.加密的数据长度
         9.密文的内存地址
         10.密文缓冲区大小
         11.加密结果大小
         */
        CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
                                              self.algorithm,
                                              option,
                                              cKey,
                                              self.keySize,
                                              cIv,
                                              [data bytes],
                                              [data length],
                                              buffer,
                                              bufferSize,
                                              &encryptedSize);
        
        NSData *result = nil;
        if (cryptStatus == kCCSuccess) {
            result = [NSData dataWithBytesNoCopy:buffer length:encryptedSize];
        } else {    
            free(buffer);
            NSLog(@"[错误] 加密失败|状态编码: %d", cryptStatus);
        }
        
        return [result base64EncodedStringWithOptions:0];
    }
    
    - (NSString *)decryptString:(NSString *)string keyString:(NSString *)keyString iv:(NSData *)iv {
        
        // 设置秘钥
        NSData *keyData = [keyString dataUsingEncoding:NSUTF8StringEncoding];
        uint8_t cKey[self.keySize];
        bzero(cKey, sizeof(cKey));
        [keyData getBytes:cKey length:self.keySize];
        
        // 设置iv
        uint8_t cIv[self.blockSize];
        bzero(cIv, self.blockSize);
        int option = 0;
        if (iv) {
            [iv getBytes:cIv length:self.blockSize];
            option = kCCOptionPKCS7Padding;
        } else {
            option = kCCOptionPKCS7Padding | kCCOptionECBMode;
        }
        
        // 设置输出缓冲区
        NSData *data = [[NSData alloc] initWithBase64EncodedString:string options:0];
        size_t bufferSize = [data length] + self.blockSize;
        void *buffer = malloc(bufferSize);
        
        // 开始解密
        size_t decryptedSize = 0;
        CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
                                              self.algorithm,
                                              option,
                                              cKey,
                                              self.keySize,
                                              cIv,
                                              [data bytes],
                                              [data length],
                                              buffer,
                                              bufferSize,
                                              &decryptedSize);
        
        NSData *result = nil;
        if (cryptStatus == kCCSuccess) {
            result = [NSData dataWithBytesNoCopy:buffer length:decryptedSize];
        } else {
            free(buffer);
            NSLog(@"[错误] 解密失败|状态编码: %d", cryptStatus);
        }
        
        return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
    }
    
    @end
    

    使用方法

    AES - ECB 加密

    每个加密块是一个独立的单元,当拆分后再拼接 不影响其他的加密单元

     //AES - ECB 加密
        NSString *key = @"LYJ";
        
        //iv 不需要向量
       //加密
       NSString *reslut =  [[EncryptionTools sharedEncryptionTools]encryptString:@"hello" keyString:key iv:nil];
         NSLog(@"加密结果:%@",reslut);
        
       //解密
        NSString *decryptString = [[EncryptionTools sharedEncryptionTools]decryptString:reslut keyString:key iv:nil];
        NSLog(@"解密结果:%@",decryptString);
        
    

    //AES - CBC

    加密单元不是独立,后面的加密依赖前面单元数据的加密,更加安全需要向量

     //AES - CBC
        uint8_t iv[8] = {1,2,3,4,5,6,7,8};
        NSData *ivData = [NSData dataWithBytes:iv length:sizeof(iv)];
        
        NSString *CBC_EncryptString = [[EncryptionTools sharedEncryptionTools]encryptString:@"liyanjun" keyString:key iv:ivData];
        
        NSLog(@"CBC加密字符串 %@",CBC_EncryptString);
        
        
        NSString *CBC_DecryptString = [[EncryptionTools sharedEncryptionTools]decryptString:CBC_EncryptString keyString:key iv:ivData];
        
        
        NSLog(@"CBC解密字符串 %@",CBC_DecryptString);
    

    des 给工具类单例的一个参数设置一下值即可

     //DES - ECB
        [EncryptionTools sharedEncryptionTools].algorithm = kCCAlgorithmDES;
         NSString *DES_ECB_EncryptString =  [[EncryptionTools sharedEncryptionTools]encryptString:@"hello" keyString:key iv:nil];
    
        NSLog(@"DES_ECB加密字符串 %@",DES_ECB_EncryptString);
    
        NSString *ECB_CBC_DecryptString = [[EncryptionTools sharedEncryptionTools]decryptString:DES_ECB_EncryptString keyString:key iv:nil];
        NSLog(@"DES_ECB解密字符串 %@",ECB_CBC_DecryptString);
    

    相关文章

      网友评论

          本文标题:对称加密工具类

          本文链接:https://www.haomeiwen.com/subject/tajgextx.html