一、AES簡(jiǎn)介
高級(jí)加密標(biāo)準(zhǔn)(英語(yǔ):Advanced Encryption Standard,縮寫(xiě):AES),在密碼學(xué)中又稱(chēng)Rijndael加密法。AES是一個(gè)對(duì)稱(chēng)分組密碼算法,旨在取代DES成為廣泛使用的標(biāo)準(zhǔn)。根據(jù)使用的密碼長(zhǎng)度,AES最常見(jiàn)的有3種方案,用以適應(yīng)不同的場(chǎng)景要求,分別是AES-128、AES-192和AES-256。
二、算法描述
AES1
AES2
AES算法較為復(fù)雜這里不再贅述,如有興趣可點(diǎn)擊描述出處查看更多資料。
三、算法實(shí)現(xiàn)
@implementation CATSecurity
#pragma mark --
#pragma mark -- AES
/**
* get data's aes256 encrypt data
*
* @param data source data
* @param key key for encrypt/decrypt !!!key length must be 16
*
* @return aes256 encrypt data
*/
+(NSData *)aes256EncryptWithData:(NSData *)data key:(NSString *)key{
if (!key || key.length !=16) {
NSLog(@"key length must be 16");
return nil;
}
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = data.length;
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding | kCCOptionECBMode,
keyPtr, kCCBlockSizeAES128,
NULL,
data.bytes, dataLength,
buffer, bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer);
return nil;
}
/**
* get source data from aes256 encrypt data
*
* @param data aes256 encrypt data
* @param key key for encrypt/decrypt !!!key length must be 16
*
* @return source data
*/
+(NSData *)aes256DecryptWithData:(NSData *)data key:(NSString *)key{
if (!key || key.length !=16) {
NSLog(@"key length must be 16");
return nil;
}
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = data.length;
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding | kCCOptionECBMode,
keyPtr, kCCBlockSizeAES128,
NULL,
data.bytes, dataLength,
buffer, bufferSize,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer);
return nil;
}
/**
* get string's aes256 encrypt data
*
* @param string source string
* @param key key for encrypt/decrypt !!!key length must be 16
*
* @return aes256 encrypt data
*/
+(NSData*)aes256EncryptWithString:(NSString*)string key:(NSString *)key{
if (!key || key.length !=16) {
NSLog(@"key length must be 16");
return nil;
}
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedData = [self aes256EncryptWithData:data key:key];
return encryptedData;
}
/**
* get source string from aes256 encrypt data
*
* @param data aes256 encrypt data
* @param key key for encrypt/decrypt !!!key length must be 16
*
* @return source string
*/
+(NSString*)aes256DecryptStringWithData:(NSData *)data key:(NSString *)key{
if (!key || key.length !=16) {
NSLog(@"key length must be 16");
return nil;
}
NSData *decryData = [self aes256DecryptWithData:data key:key];
NSString *string = [[NSString alloc] initWithData:decryData encoding:NSUTF8StringEncoding];
return string;
}
@end
四、補(bǔ)充
由于iOS、java的平臺(tái)差異,AES的加密算法存在兼容性問(wèn)題(iOS的AES Padding只支持ccPKCS7Padding, ccNoPadding),為了使用方便,我找了一份可兼容的Java的代碼并做了測(cè)試,詳見(jiàn)工程的java目錄。
