本文详细介绍了AES(高级加密标准)对称加密算法,包括其128位、192位和256位的密钥长度,加密和解密过程,以及在网络安全和数据保护中的广泛应用。还展示了如何在iOS代码中使用AES进行加密和解密操作,如NSData+AES类中的AES128EncryptWithKey和AES128DecryptWithKey方法。
前言
AES(Advanced Encryption Standard)是一种对称加密算法,被广泛应用于保护数据的安全性。AES算法对称密钥长度可以是128位、192位或256位,这使得它足够强大,能够抵御目前和可预见的未来攻击。
AES算法通过替换、置换和混淆的步骤,对数据进行加密,其加密和解密使用相同的密钥。由于其高效性和安全性,AES算法在诸如网络通信、数据库加密、文件加密等领域被广泛使用。同时,许多操作系统和编程语言都提供了对AES算法的原生支持,使得开发人员可以轻松地将其集成到自己的应用程序中。
总的来说,AES算法以其速度快、安全可靠的特性成为当今最常用的对称加密算法之一,为保护数据安全提供了重要的工具。
代码
NSData+AES.h
#import <Foundation/Foundation.h>
@class NSString;
@interface NSData (Encryption)
- (NSData *)AES128EncryptWithKey:(NSString *)key gIv:(NSString *)Iv; //加密
- (NSData *)AES128DecryptWithKey:(NSString *)key gIv:(NSString *)Iv; //解密
@end
NSData+AES.m
#import "NSData+AES.h"
#import <CommonCrypto/CommonCryptor.h>
@implementation NSData (Encryption)
- (NSData *)AES128EncryptWithKey:(NSString *)key gIv:(NSString *)Iv{//加密
char keyPtr[kCCKeySizeAES128+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES128+1];
memset(ivPtr, 0, sizeof(ivPtr));
[Iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[self bytes],
dataLength,
buffer,
bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer);
return nil;
}
- (NSData *)AES128DecryptWithKey:(NSString *)key gIv:(NSString *)Iv{//解密
char keyPtr[kCCKeySizeAES128+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
char ivPtr[kCCKeySizeAES128+1];
memset(ivPtr, 0, sizeof(ivPtr));
[Iv getCString:ivPtr maxLength:sizeof(ivPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES128,
kCCOptionPKCS7Padding,
keyPtr,
kCCBlockSizeAES128,
ivPtr,
[self bytes],
dataLength,
buffer,
bufferSize,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer);
return nil;
}
@end
SecurityUtil.h
#import <Foundation/Foundation.h>
@interface SecurityUtil : NSObject
#pragma mark - base64
+ (NSString*)encodeBase64String:(NSString *)input;
+ (NSString*)decodeBase64String:(NSString *)input;
+ (NSString*)encodeBase64Data:(NSData *)data;
+ (NSString*)decodeBase64Data:(NSData *)data;
+ (NSString*)webEncodeBase64Data:(NSData *)data;
+ (NSString*)webDecodeBase64Data:(NSData *)data;
+ (NSString*)webEncodeBase64String:(NSString *)string;
+ (NSString*)webDecodeBase64String:(NSString *)string;
#pragma mark - AES加密
//将string转成带密码的data
+ (NSString*)encryptAESData:(NSString*)string;
+(NSString*)encryptAESDataOne:(NSString*)string;
//将带密码的data转成string
+ (NSString*)decryptAESData:(NSString*)string;
//将string转成带密码的data
+ (NSString*)encryptWeb64AESData:(NSString*)string;
+(NSString*)encryptWeb64AESDataOne:(NSString*)string;
//将带密码的data转成string
+ (NSString*)decryptWeb64AESData:(NSString*)string;
@end
SecurityUtil.m
#import "SecurityUtil.h"
#import <QN_GTM_Base64.h>
#import "NSData+AES.h"
#define Iv @"12345678" //偏移量,可自行修改
#define KEY @"abcdefg" //key,可自行修改
@implementation SecurityUtil
#pragma mark - base64
+ (NSString*)encodeBase64String:(NSString * )input {
NSData *data = [input dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];
data = [QN_GTM_Base64 encodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)decodeBase64String:(NSString * )input {
NSData *data = [input dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];
data = [QN_GTM_Base64 decodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)encodeBase64Data:(NSData *)data {
data = [QN_GTM_Base64 encodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)webEncodeBase64Data:(NSData *)data {
data = [QN_GTM_Base64 webSafeEncodeData:data padded:YES];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)webDecodeBase64Data:(NSData *)data {
data = [QN_GTM_Base64 webSafeDecodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)webEncodeBase64String:(NSString *)string {
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];
data = [QN_GTM_Base64 webSafeEncodeData:data padded:YES];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
if ([base64String containsString:@"="]) {
base64String = [base64String stringByReplacingOccurrencesOfString:@"=" withString:@"@"];
}
return base64String;
}
+ (NSString*)webDecodeBase64String:(NSString *)string {
NSString *inputString = string;
if ([inputString containsString:@"@"]) {
inputString = [inputString stringByReplacingOccurrencesOfString:@"@" withString:@"="];
}
NSData *data = [inputString dataUsingEncoding:NSUTF8StringEncoding allowLossyConversion:YES];
data = [QN_GTM_Base64 webSafeDecodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
+ (NSString*)decodeBase64Data:(NSData *)data {
data = [QN_GTM_Base64 decodeData:data];
NSString *base64String = [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
return base64String;
}
#pragma mark - AES加密
//将string转成带密码的data
+ (NSString*)encryptAESData:(NSString*)string
{
//将nsstring转化为nsdata
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
//使用密码对nsdata进行加密
NSData *encryptedData = [data AES128EncryptWithKey:KEY gIv:Iv];
//返回进行base64进行转码的加密字符串
return [self webEncodeBase64Data:encryptedData];
// return [self encodeBase64Data:encryptedData];
// return [self byteToString:encryptedData];//data转16进制string
}
+(NSString*)encryptAESDataOne:(NSString*)string
{
//将nsstring转化为nsdata
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
//使用密码对nsdata进行加密
NSData *encryptedData = [data AES128EncryptWithKey:@"" gIv:@"1"];
//返回进行base64进行转码的加密字符串
return [[NSString alloc] initWithData:encryptedData encoding:NSUTF8StringEncoding];
}
//将string转成带密码的data
+ (NSString*)encryptWeb64AESData:(NSString *)string
{
//将nsstring转化为nsdata
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
//使用密码对nsdata进行加密
NSData *encryptedData = [data AES128EncryptWithKey:KEY gIv:Iv];
//返回进行base64进行转码的加密字符串
NSString *encryptString = [self webEncodeBase64Data:encryptedData];
if ([encryptString containsString:@"="]) {
encryptString = [encryptString stringByReplacingOccurrencesOfString:@"=" withString:@"@"];
}
return encryptString;
}
+(NSString*)encryptWeb64AESDataOne:(NSString *)string
{
//将nsstring转化为nsdata
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
//使用密码对nsdata进行加密
NSData *encryptedData = [data AES128EncryptWithKey:@"" gIv:@"1"];
//返回进行base64进行转码的加密字符串
NSString *encryptString = [self webEncodeBase64Data:encryptedData];
if ([encryptString containsString:@"="]) {
encryptString = [encryptString stringByReplacingOccurrencesOfString:@"=" withString:@"@"];
}
return encryptString;
}
+(NSString*)byteToString:(NSData*)data
{
Byte *plainTextByte = (Byte *)[data bytes];
NSString *hexStr=@"";
for(int i=0;i<[data length];i++)
{
NSString *newHexStr = [NSString stringWithFormat:@"%x",plainTextByte[i]&0xff];///16进制数
if([newHexStr length]==1)
hexStr = [NSString stringWithFormat:@"%@0%@",hexStr,newHexStr];
else
hexStr = [NSString stringWithFormat:@"%@%@",hexStr,newHexStr];
}
return [hexStr uppercaseString];
}
+(NSData*)stringToByte:(NSString*)string
{
NSString *hexString=[[string uppercaseString] stringByReplacingOccurrencesOfString:@" " withString:@""];
if ([hexString length]%2!=0) {
return nil;
}
Byte tempbyt[1]={0};
NSMutableData* bytes=[NSMutableData data];
for(int i=0;i<[hexString length];i++)
{
unichar hex_char1 = [hexString characterAtIndex:i]; ////两位16进制数中的第一位(高位*16)
int int_ch1;
if(hex_char1 >= '0' && hex_char1 <='9')
int_ch1 = (hex_char1-48)*16; //// 0 的Ascll - 48
else if(hex_char1 >= 'A' && hex_char1 <='F')
int_ch1 = (hex_char1-55)*16; //// A 的Ascll - 65
else
return nil;
i++;
unichar hex_char2 = [hexString characterAtIndex:i]; ///两位16进制数中的第二位(低位)
int int_ch2;
if(hex_char2 >= '0' && hex_char2 <='9')
int_ch2 = (hex_char2-48); //// 0 的Ascll - 48
else if(hex_char2 >= 'A' && hex_char2 <='F')
int_ch2 = hex_char2-55; //// A 的Ascll - 65
else
return nil;
tempbyt[0] = int_ch1+int_ch2; ///将转化后的数放入Byte数组里
[bytes appendBytes:tempbyt length:1];
}
return bytes;
}
#pragma mark - AES解密
//将带密码的data转成string
+(NSString*)decryptAESData:(NSString *)string
{
NSData *hexData = [self stringToByte:string];//字符串转16进行data
//使用密码对data进行解密
NSData *decryData = [hexData AES128DecryptWithKey:KEY gIv:Iv];
//将解了密码的nsdata转化为nsstring
NSString *str = [[NSString alloc] initWithData:decryData encoding:NSUTF8StringEncoding];
return str;
}
//将带密码的data转成string
+(NSString*)decryptWeb64AESData:(NSString *)string{
//base64解密
NSData *decodeBase64Data=[QN_GTM_Base64 webSafeDecodeString:string];
//使用密码对data进行解密
NSData *decryData = [decodeBase64Data AES128DecryptWithKey:KEY gIv:Iv];
//将解了密码的nsdata转化为nsstring
NSString *str = [[NSString alloc] initWithData:decryData encoding:NSUTF8StringEncoding];
return str;
}
@end
最后
这是一段学习的练习代码。
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
