本次需求,在网络传输过程中对用户相关的字段进行加密,先用aes再用base64转码,base64网上一大堆,在此就忽略了,直接写aes要点。
先上代码:
+ (NSString*)EncryptString:(NSString*)sourceStr //加密
{
NSString*default_key = @"12345678901234567890123456789012";
NSString*default_iv = @"1234567890123456";
NSString*constkey = default_key;
NSString*constkInitVector = default_iv;
size_tconstkKeySize =kCCKeySizeAES256;
NSData *contentData = [sourceStr dataUsingEncoding:NSUTF8StringEncoding];
NSUIntegerdataLength = contentData.length;
// 为结束符'\0' +1
charkeyPtr[kKeySize +1];
memset(keyPtr,0,sizeof(keyPtr));
[keygetCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
// 密文长度 <= 明文长度 + BlockSize
size_tencryptSize = dataLength +kCCBlockSizeAES128;
void*encryptedBytes =malloc(encryptSize);
size_tactualOutSize =0;
NSData *initVector = [kInitVector dataUsingEncoding:NSUTF8StringEncoding];
CCCryptorStatuscryptStatus =CCCrypt(kCCEncrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding, // 系统默认使用 CBC,然后指明使用 PKCS7Padding
keyPtr,
kKeySize,
initVector.bytes,
contentData.bytes,
dataLength,
encryptedBytes,
encryptSize,
&actualOutSize);
if(cryptStatus ==kCCSuccess) {
// 对加密后的数据进行 base64 编码
return [[NSData dataWithBytesNoCopy:encryptedBytes length:actualOutSize] base64EncodedStringWithOptions:NSDataBase64EncodingEndLineWithLineFeed];
}
else
{
free(encryptedBytes);
return nil;
}
}
+ (NSString*)DecryptString:(NSString*)secretStr //解密
{
NSString*default_key = @"12345678901234567890123456789012";
NSString*default_iv = @"1234567890123456";
NSString*constkey = default_key;
NSString*constkInitVector = default_iv;
size_tconstkKeySize =kCCKeySizeAES256;
//先对加密的字符串进行base64解码
NSData *decodeData = [[NSData alloc] initWithBase64EncodedString:secretStr options:NSDataBase64DecodingIgnoreUnknownCharacters];
charkeyPtr[kKeySize +1];
memset(keyPtr,0,sizeof(keyPtr));
[keygetCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUIntegerdataLength = [decodeDatalength];
size_tbufferSize = dataLength +kCCBlockSizeAES128;
void*buffer =malloc(bufferSize);
size_tnumBytesDecrypted =0;
NSData *initVector = [kInitVector dataUsingEncoding:NSUTF8StringEncoding];
CCCryptorStatuscryptStatus =CCCrypt(kCCDecrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding,
keyPtr,
kKeySize,
initVector.bytes,
decodeData.bytes,
dataLength,
buffer,
bufferSize,
&numBytesDecrypted);
if(cryptStatus ==kCCSuccess) {
NSData*data = [NSDatadataWithBytesNoCopy:bufferlength:numBytesDecrypted];
NSString *result = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
returnresult;
}
else
{
free(buffer);
returnnil;
}
}
注意点,一般会和后台约定好密钥key和初始向量iv,不过这里有个问题,网上好多直接用的是字符串类型,而这里后台给了我字符数组类型,这里需要将字符数组转化成普通字符串才行,如下
//字符数组转字符串
+ (NSString *)changeKeyString {
charkey[] = {0,0, 0, -0, 0,0,0, 0, 0, 0,0, 0,0,0,0,0, 0,0,0,0,0, 0, 0,0,0,0, 0, 0, 0,0,0,0}; //后台给的32位字符
NSMutableString *mustr = [NSMutableString string];
for(inti =0; i <sizeof(key); i++) {
[mustrappendFormat:@"%c",key[i] ];
}
NSLog(@"%@",mustr);
returnmustr;
}
这样经过转化就可以直接在上面方法中用了,iv一样这样转化。
剩下的关于aes加密各种参数选择网上一大堆,可以自行查看。
网友评论