最近用到了aes256加解密,故做下记录:
1.使用CCCrypt
key长度32位 iv向量16位
- (NSData *)encryptData:(void *)data length:(NSInteger)length key:(NSString *)key {
char keyPtr[kCCKeySizeAES256 + 1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSString *iv = [key substringToIndex:16];
NSUInteger dataLength = length;
size_t buffersize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(buffersize);
size_t numBytesEncrypted = 0;
//填充模式 以及是否选择ECB模式,默认是CBC模式
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, 32, [iv UTF8String], data, dataLength, buffer, buffersize, &numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
// NSLog(@"encrypt success");
NSData *encryptData = [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
return encryptData;
} else {
// NSLog(@"encrypt fail");
return nil;
}
}
- (NSData *)decryptData:(void *)data length:(NSInteger)length key:(NSString *)key {
char keyPtr[kCCKeySizeAES256 + 1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSString *iv = [key substringToIndex:16];
NSUInteger dataLength = length;
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, 32, [iv UTF8String], data, dataLength, buffer, bufferSize, &numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
// NSLog(@"decrypt success");
NSData *decryptData = [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
return decryptData;
} else {
// NSLog(@"decrypt fail");
return nil;
}
}
2.使用FHAes
key长度32位 iv向量16位
void encrypt_aes256_cbc_pkcs7padding() {
// 这里应该是需要加密的数据
NSData *data = [NSData data];
NSUInteger len = data.length;
const char* psrc = (const char*)data.bytes;
// 32位加密秘钥
NSString *secretKey = @"12345678123456781234567812345678";
const BYTE *key = (const BYTE *)[secretKey cStringUsingEncoding:NSUTF8StringEncoding];
// 16位向量iv
unsigned char iv[AES_BLOCK_SIZE] = { 0 };
for (int i = 0; i < AES_BLOCK_SIZE; ++i) {
iv[i] = key[i];
}
unsigned int key_schedule[AES_BLOCK_SIZE * 8] = { 0 };
aes_key_setup(key, key_schedule, kAesKeySize);
// 使用pkcs7padding 计算padding_len
int r = len % AES_BLOCK_SIZE;
int padding_len = AES_BLOCK_SIZE - r;
int src_len = len + padding_len;
auto src = (unsigned char*)malloc((src_len + 1) * sizeof(char));
memset(src, 0, src_len);
memcpy(src, psrc, len);
if (padding_len > 0) {
// 使用pkcs7padding 填充padding_len
memset(src + len, (unsigned char)padding_len, padding_len);
}
//
auto output = (unsigned char*)malloc((src_len + 1)* sizeof(char));
memset(output, src_len, 0);
aes_encrypt_cbc(src, src_len, output, key_schedule, kAesKeySize, iv);
free(output);
free(src);
}
void decrypt_aes256_cbc_pkcs7padding() {
// 这里应该是加密过的数据,我在这随便写的
NSData *data = [NSData data];
NSUInteger len = data.length;
const char* psrc = (const char*)data.bytes;
// 32位加密秘钥
NSString *secretKey = @"12345678123456781234567812345678";
const BYTE *key = (const BYTE *)[secretKey cStringUsingEncoding:NSUTF8StringEncoding];
// 16位向量iv
unsigned char iv[AES_BLOCK_SIZE] = { 0 };
for (int i = 0; i < AES_BLOCK_SIZE; ++i) {
iv[i] = key[i];
}
unsigned int key_schedule[AES_BLOCK_SIZE * 8] = { 0 };
aes_key_setup(key, key_schedule, kAesKeySize);
auto src = (unsigned char*)malloc((len + 1) * sizeof(char));
memset(src, 0, len);
memcpy(src, psrc, len);
auto output = (unsigned char*)malloc((len + 1)* sizeof(char));
memset(output, len, 0);
aes_decrypt_cbc((unsigned char*)src, len, (unsigned char*)output,
key_schedule, kAesKeySize, iv);
unsigned int r = output[len - 1];
int dst_len = len - r;
free(output);
free(src);
}
网友评论