加密模式:CBC
填充(CCOptions):kCCOptionPKCS7Padding
偏移量:iv
一,未加盐
1.1客户端iOS
//通用加密方法 + (NSString *)encryptString:(NSString *)plainSourceStringToEncrypt key:(NSString *)key; //通用解密方法 + (NSString *)decryptString:(NSString *)base64StringToDecrypt key:(NSString *)key;
加密方法实现:
+ (NSString *)encryptString:(NSString *)plainSourceStringToEncrypt key:(NSString *)key{ NSData *_secretData = [plainSourceStringToEncrypt dataUsingEncoding:NSUTF8StringEncoding]; // You can use md5 to make sure key is 16 bits long NSData *encryptedData = [self doCipher:_secretData context:kCCEncrypt key:key]; return [encryptedData base64EncodingWithLineLength:0]; }
解密方法方法实现:
//通用解密方法 + (NSString *)decryptString:(NSString *)base64StringToDecrypt key:(NSString *)key{ NSData *data = [self doCipher:[NSData dataWithBase64EncodedString:base64StringToDecrypt] context:kCCDecrypt key:key]; return [[[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding] autorelease]; }
+ (NSData *)doCipher:(NSData *)plainText context:(CCOperation)encryptOrDecrypt key:(NSString *)key{ NSData *aSymmetricKey = [key dataUsingEncoding:NSUTF8StringEncoding]; CCCryptorStatus ccStatus = kCCSuccess; size_t cryptBytes = 0; // Number of bytes moved to buffer. NSMutableData *dataOut = [NSMutableData dataWithLength:plainText.length + 32]; ccStatus = CCCrypt( encryptOrDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, (const void *)[aSymmetricKey bytes], 32, ivBuff, plainText.bytes, plainText.length, dataOut.mutableBytes, dataOut.length, &cryptBytes); if (ccStatus != kCCSuccess) { NSLog(@"CCCrypt status: %d", ccStatus); } dataOut.length = cryptBytes; return dataOut; }
1.2 服务端
public static string Encrypt(string p_Content, string p_Key) { return Encrypt(PaddingMode.PKCS7, CipherMode.CBC, p_Content, p_Key); }public static string Encrypt(PaddingMode p_PMode, CipherMode p_CMode, string p_Content, string p_Key) { byte[] bytes = Encoding.UTF8.GetBytes(p_Key); byte[] inputBuffer = Encoding.UTF8.GetBytes(p_Content); RijndaelManaged managed = new RijndaelManaged { Key = bytes, Mode = p_CMode, Padding = p_PMode, IV = _IV }; byte[] inArray = managed.CreateEncryptor().TransformFinalBlock(inputBuffer, 0, inputBuffer.Length); return Convert.ToBase64String(inArray, 0, inArray.Length); }
二,加盐
2.1 客户端iOS
/** * 对加解密的key进行加盐操作 * @param key * @param salt * @return */ + (NSData *)AESAddSaltForKey:(NSString *)key salt:(NSString *)salt { NSMutableData *derivedKey = [NSMutableData dataWithLength:32]; NSData *saltData = [salt dataUsingEncoding:NSUTF8StringEncoding]; int result = CCKeyDerivationPBKDF(kCCPBKDF2, // algorithm key.UTF8String, // password [key lengthOfBytesUsingEncoding:NSUTF8StringEncoding], // passwordLength saltData.bytes, // salt saltData.length, // saltLen kCCPRFHmacAlgSHA1, // PRF 10000, // rounds derivedKey.mutableBytes, // derivedKey derivedKey.length); // derivedKeyLen // Do not log password here NSAssert(result == kCCSuccess, @"Unable to create AES key for key: %d", result); return derivedKey; }+ (NSData *)doCipher:(NSData *)plainText context:(CCOperation)encryptOrDecrypt key:(NSString *)key{ // CCKeyDerivationPBKDF // CCCalibratePBKDF NSString *salt = @"234567890-!@#$%^&*()_+QWERTYUIOP{ASDFGHJKL:XCVBNM<>"; NSData *aSymmetricKey = [self AESKeyForKey:key salt:salt]; CCCryptorStatus ccStatus = kCCSuccess; size_t cryptBytes = 0; // Number of bytes moved to buffer. NSMutableData *dataOut = [NSMutableData dataWithLength:plainText.length + 32]; ccStatus = CCCrypt( encryptOrDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, (const void *)[aSymmetricKey bytes], 32, ivBuff, plainText.bytes, plainText.length, dataOut.mutableBytes, dataOut.length, &cryptBytes); if (ccStatus != kCCSuccess) { NSLog(@"CCCrypt status: %d", ccStatus); } dataOut.length = cryptBytes; return dataOut; }
2.2服务端
相关文章
How to add salt to AES Encryption in iOS and decrypting it using objective c
GitHub - lgc107/CommonCrypto: 文集https://www.jianshu.com/nb/25932942 的代码示例