Objective-C加密算法
2010-11-15 08:06 Tracy E 阅读(5110) 评论(5) 编辑 收藏 举报#import <CommonCrypto/CommonDigest.h> #import <CommonCrypto/CommonCryptor.h> //MD5 - (NSString*)md5Hash { unsigned char result[CC_MD5_DIGEST_LENGTH]; CC_MD5([self bytes], [self length], result); return [NSString stringWithFormat: @"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", result[0], result[1], result[2], result[3], result[4], result[5], result[6], result[7], result[8], result[9], result[10], result[11], result[12], result[13], result[14], result[15] ]; } //SHA1 - (NSString*)sha1Hash { unsigned char result[CC_SHA1_DIGEST_LENGTH]; CC_SHA1([self bytes], [self length], result); return [NSString stringWithFormat: @"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x", result[0], result[1], result[2], result[3], result[4], result[5], result[6], result[7], result[8], result[9], result[10], result[11], result[12], result[13], result[14], result[15], result[16], result[17], result[18], result[19] ]; }
/////////////////////////////////////////////////////////////////////////////////////////////////// // base64 code found on http://www.cocoadev.com/index.pl?BaseSixtyFour // where the poster released it to public domain // style not exactly congruous with normal three20 style, but kept mostly intact with the original static const char encodingTable[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; /////////////////////////////////////////////////////////////////////////////////////////////////// + (NSData*)dataWithBase64EncodedString:(NSString *)string { if ([string length] == 0) return [NSData data]; static char *decodingTable = NULL; if (decodingTable == NULL) { decodingTable = malloc(256); if (decodingTable == NULL) return nil; memset(decodingTable, CHAR_MAX, 256); NSUInteger i; for (i = 0; i < 64; i++) decodingTable[(short)encodingTable[i]] = i; } const char *characters = [string cStringUsingEncoding:NSASCIIStringEncoding]; if (characters == NULL) // Not an ASCII string! return nil; char *bytes = malloc((([string length] + 3) / 4) * 3); if (bytes == NULL) return nil; NSUInteger length = 0; NSUInteger i = 0; while (YES) { char buffer[4]; short bufferLength; for (bufferLength = 0; bufferLength < 4; i++) { if (characters[i] == '\0') break; if (isspace(characters[i]) || characters[i] == '=') continue; buffer[bufferLength] = decodingTable[(short)characters[i]]; if (buffer[bufferLength++] == CHAR_MAX) // Illegal character! { free(bytes); return nil; } } if (bufferLength == 0) break; if (bufferLength == 1) // At least two characters are needed to produce one byte! { free(bytes); return nil; } // Decode the characters in the buffer to bytes. bytes[length++] = (buffer[0] << 2) | (buffer[1] >> 4); if (bufferLength > 2) bytes[length++] = (buffer[1] << 4) | (buffer[2] >> 2); if (bufferLength > 3) bytes[length++] = (buffer[2] << 6) | buffer[3]; } realloc(bytes, length); return [NSData dataWithBytesNoCopy:bytes length:length]; } /////////////////////////////////////////////////////////////////////////////////////////////////// - (NSString *)base64Encoding { if ([self length] == 0) return @""; char *characters = malloc((([self length] + 2) / 3) * 4); if (characters == NULL) return nil; NSUInteger length = 0; NSUInteger i = 0; while (i < [self length]) { char buffer[3] = {0,0,0}; short bufferLength = 0; while (bufferLength < 3 && i < [self length]) buffer[bufferLength++] = ((char *)[self bytes])[i++]; // Encode the bytes in the buffer to four characters, // including padding "=" characters if necessary. characters[length++] = encodingTable[(buffer[0] & 0xFC) >> 2]; characters[length++] = encodingTable[((buffer[0] & 0x03) << 4) | ((buffer[1] & 0xF0) >> 4)]; if (bufferLength > 1) characters[length++] = encodingTable[((buffer[1] & 0x0F) << 2) | ((buffer[2] & 0xC0) >> 6)]; else characters[length++] = '='; if (bufferLength > 2) characters[length++] = encodingTable[buffer[2] & 0x3F]; else characters[length++] = '='; } return [[[NSString alloc] initWithBytesNoCopy:characters length:length encoding:NSASCIIStringEncoding freeWhenDone:YES] autorelease]; } // end recycled base64 code ///////////////////////////////////////////////////////////////////////////////////////////////////
#import <CommonCrypto/CommonDigest.h> #import <CommonCrypto/CommonCryptor.h> //AES加密 - (NSData *)AES256EncryptWithKey:(NSString *)key{ char keyPtr[kCCKeySizeAES256+1]; bzero(keyPtr, sizeof(keyPtr)); [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [self bytes], dataLength, buffer, bufferSize, &numBytesEncrypted); if (cryptStatus == kCCSuccess) { return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; } free(buffer); return nil; } //AES解密 - (NSData *)AES256DecryptWithKey:(NSString *)key{ char keyPtr[kCCKeySizeAES256+1]; bzero(keyPtr, sizeof(keyPtr)); [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding | kCCOptionECBMode, keyPtr, kCCBlockSizeAES128, NULL, [self bytes], dataLength, buffer, bufferSize, &numBytesDecrypted); if (cryptStatus == kCCSuccess) { return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; } free(buffer); return nil; }
RSA:
#import <Foundation/Foundation.h> typedef void (^GenerateSuccessBlock)(void); @interface RSA : NSObject{ @private NSData * publicTag; NSData * privateTag; NSOperationQueue * cryptoQueue; GenerateSuccessBlock success; } @property (nonatomic,readonly) SecKeyRef publicKeyRef; @property (nonatomic,readonly) SecKeyRef privateKeyRef; @property (nonatomic,readonly) NSData *publicKeyBits; @property (nonatomic,readonly) NSData *privateKeyBits; @property (nonatomic,readonly) NSString *publicKeyString; + (id)shareInstance; - (void)generateKeyPairRSACompleteBlock:(GenerateSuccessBlock)_success; - (NSData *)RSA_EncryptUsingPublicKeyWithData:(NSData *)data; - (NSData *)RSA_EncryptUsingPrivateKeyWithData:(NSData*)data; - (NSData *)RSA_DecryptUsingPublicKeyWithData:(NSData *)data; - (NSData *)RSA_DecryptUsingPrivateKeyWithData:(NSData*)data; @end
#import "RSA.h" uint8_t *plainBuffer; uint8_t *cipherBuffer; uint8_t *decryptedBuffer; const size_t BUFFER_SIZE = 64; const size_t CIPHER_BUFFER_SIZE = 1024; const uint32_t PADDING = kSecPaddingPKCS1; const size_t kSecAttrKeySizeInBitsLength = 2024; static const UInt8 publicKeyIdentifier[] = "com.apple.sample.publickey222\0"; static const UInt8 privateKeyIdentifier[] = "com.apple.sample.privatekey111\0"; #if DEBUG #define LOGGING_FACILITY(X, Y) \ NSAssert(X, Y); #define LOGGING_FACILITY1(X, Y, Z) \ NSAssert1(X, Y, Z); #else #define LOGGING_FACILITY(X, Y) \ if (!(X)) { \ NSLog(Y); \ } #define LOGGING_FACILITY1(X, Y, Z) \ if (!(X)) { \ NSLog(Y, Z); \ } #endif @interface RSA () - (void)deleteAsymmetricKeys; @end @implementation RSA @synthesize publicKeyRef,privateKeyRef; @synthesize publicKeyBits,privateKeyBits; #pragma mark - init - (id)init{ if (self = [super init]) { cryptoQueue = [[NSOperationQueue alloc] init]; // Tag data to search for keys. privateTag = [[NSData alloc] initWithBytes:privateKeyIdentifier length:sizeof(privateKeyIdentifier)]; publicTag = [[NSData alloc] initWithBytes:publicKeyIdentifier length:sizeof(publicKeyIdentifier)]; }return self; } + (id)shareInstance{ static RSA *_rsa = nil; static dispatch_once_t onceToken; dispatch_once(&onceToken, ^{ _rsa = [[self alloc] init]; }); return _rsa; } #pragma mark - getter - (SecKeyRef)getPublicKeyRef { OSStatus resultCode = noErr; SecKeyRef publicKeyReference = NULL; if(publicKeyRef == NULL) { NSMutableDictionary * queryPublicKey = [NSMutableDictionary dictionaryWithCapacity:0]; // Set the public key query dictionary. [queryPublicKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPublicKey setObject:publicTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPublicKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; // Get the key. resultCode = SecItemCopyMatching((__bridge CFDictionaryRef)queryPublicKey, (CFTypeRef *)&publicKeyReference); //NSLog(@"getPublicKey: result code: %ld", resultCode); if(resultCode != noErr) { publicKeyReference = NULL; } queryPublicKey =nil; } else { //NSLog(@"no use SecItemCopyMatching\n"); publicKeyReference = publicKeyRef; } return publicKeyReference; } - (SecKeyRef)getPrivateKeyRef { OSStatus resultCode = noErr; SecKeyRef privateKeyReference = NULL; if(privateKeyRef == NULL) { NSMutableDictionary * queryPrivateKey = [[NSMutableDictionary alloc] init]; // Set the private key query dictionary. [queryPrivateKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPrivateKey setObject:privateTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPrivateKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [queryPrivateKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnRef]; // Get the key. resultCode = SecItemCopyMatching((__bridge CFDictionaryRef)queryPrivateKey, (CFTypeRef *)&privateKeyReference); //NSLog(@"getPrivateKey: result code: %ld", resultCode); if(resultCode != noErr) { privateKeyReference = NULL; } queryPrivateKey = nil; } else { //NSLog(@"no use SecItemCopyMatching\n"); privateKeyReference = privateKeyRef; } return privateKeyReference; } - (NSData *)publicKeyBits { OSStatus sanityCheck = noErr; CFTypeRef _publicKeyBitsReference = NULL; NSMutableDictionary * queryPublicKey = [NSMutableDictionary dictionaryWithCapacity:0]; // Set the public key query dictionary. [queryPublicKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPublicKey setObject:publicTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPublicKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnData]; // Get the key bits. sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryPublicKey, (CFTypeRef *)&_publicKeyBitsReference); if (sanityCheck != noErr) { _publicKeyBitsReference = NULL; } return (__bridge NSData*)_publicKeyBitsReference; } - (NSData *)privateKeyBits { OSStatus sanityCheck = noErr; CFTypeRef _privateKeyBitsReference = NULL; NSMutableDictionary * queryPublicKey = [NSMutableDictionary dictionaryWithCapacity:0]; // Set the public key query dictionary. [queryPublicKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPublicKey setObject:privateTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPublicKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [queryPublicKey setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecReturnData]; // Get the key bits. sanityCheck = SecItemCopyMatching((__bridge CFDictionaryRef)queryPublicKey, (CFTypeRef *)&_privateKeyBitsReference); if (sanityCheck != noErr) { _privateKeyBitsReference = NULL; } return (__bridge NSData*)_privateKeyBitsReference; } - (NSString *)publicKeyString { return [[self publicKeyBits] base64Encoding]; } #pragma mark - generate rsa key pair - (void)generateKeyPairRSACompleteBlock:(GenerateSuccessBlock)_success { NSInvocationOperation * genOp = [[NSInvocationOperation alloc] initWithTarget:self selector:@selector(generateKeyPairOperation) object:nil]; [cryptoQueue addOperation:genOp]; success = _success; } - (void)generateKeyPairOperation{ @autoreleasepool { // Generate the asymmetric key (public and private) [self generateKeyPairRSA]; [self performSelectorOnMainThread:@selector(generateKeyPairCompleted) withObject:nil waitUntilDone:NO]; } } - (void)generateKeyPairCompleted{ if (success) { success(); } } - (void)generateKeyPairRSA { OSStatus sanityCheck = noErr; publicKeyRef = NULL; privateKeyRef = NULL; // First delete current keys. [self deleteAsymmetricKeys]; // Container dictionaries. NSMutableDictionary * privateKeyAttr = [NSMutableDictionary dictionaryWithCapacity:0]; NSMutableDictionary * publicKeyAttr = [NSMutableDictionary dictionaryWithCapacity:0]; NSMutableDictionary * keyPairAttr = [NSMutableDictionary dictionaryWithCapacity:0]; // Set top level dictionary for the keypair. [keyPairAttr setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; [keyPairAttr setObject:[NSNumber numberWithUnsignedInteger:kSecAttrKeySizeInBitsLength] forKey:(__bridge id)kSecAttrKeySizeInBits]; // Set the private key dictionary. [privateKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecAttrIsPermanent]; [privateKeyAttr setObject:privateTag forKey:(__bridge id)kSecAttrApplicationTag]; // See SecKey.h to set other flag values. // Set the public key dictionary. [publicKeyAttr setObject:[NSNumber numberWithBool:YES] forKey:(__bridge id)kSecAttrIsPermanent]; [publicKeyAttr setObject:publicTag forKey:(__bridge id)kSecAttrApplicationTag]; // See SecKey.h to set other flag values. // Set attributes to top level dictionary. [keyPairAttr setObject:privateKeyAttr forKey:(__bridge id)kSecPrivateKeyAttrs]; [keyPairAttr setObject:publicKeyAttr forKey:(__bridge id)kSecPublicKeyAttrs]; // SecKeyGeneratePair returns the SecKeyRefs just for educational purposes. sanityCheck = SecKeyGeneratePair((__bridge CFDictionaryRef)keyPairAttr, &publicKeyRef, &privateKeyRef); LOGGING_FACILITY( sanityCheck == noErr && publicKeyRef != NULL && privateKeyRef != NULL, @"Something really bad went wrong with generating the key pair." ); } - (void)deleteAsymmetricKeys { OSStatus sanityCheck = noErr; NSMutableDictionary * queryPublicKey = [NSMutableDictionary dictionaryWithCapacity:0]; NSMutableDictionary * queryPrivateKey = [NSMutableDictionary dictionaryWithCapacity:0]; // Set the public key query dictionary. [queryPublicKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPublicKey setObject:publicTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPublicKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Set the private key query dictionary. [queryPrivateKey setObject:(__bridge id)kSecClassKey forKey:(__bridge id)kSecClass]; [queryPrivateKey setObject:privateTag forKey:(__bridge id)kSecAttrApplicationTag]; [queryPrivateKey setObject:(__bridge id)kSecAttrKeyTypeRSA forKey:(__bridge id)kSecAttrKeyType]; // Delete the private key. sanityCheck = SecItemDelete((__bridge CFDictionaryRef)queryPrivateKey); LOGGING_FACILITY1( sanityCheck == noErr || sanityCheck == errSecItemNotFound, @"Error removing private key, OSStatus == %ld.", sanityCheck ); // Delete the public key. sanityCheck = SecItemDelete((__bridge CFDictionaryRef)queryPublicKey); LOGGING_FACILITY1( sanityCheck == noErr || sanityCheck == errSecItemNotFound, @"Error removing public key, OSStatus == %ld.", sanityCheck ); if (publicKeyRef) CFRelease(publicKeyRef); if (privateKeyRef) CFRelease(privateKeyRef); } #pragma mark - encrypt/decrypt - (NSData*)rsaEncryptWithData:(NSData*)data usingPublicKey:(BOOL)yes{ SecKeyRef key = yes?self.publicKeyRef:self.privateKeyRef; size_t cipherBufferSize = SecKeyGetBlockSize(key); uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t)); memset((void *)cipherBuffer, 0*0, cipherBufferSize); NSData *plainTextBytes = data; size_t blockSize = cipherBufferSize - 11; size_t blockCount = (size_t)ceil([plainTextBytes length] / (double)blockSize); NSMutableData *encryptedData = [NSMutableData dataWithCapacity:0]; for (int i=0; i<blockCount; i++) { int bufferSize = MIN(blockSize,[plainTextBytes length] - i * blockSize); NSData *buffer = [plainTextBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)]; OSStatus status = SecKeyEncrypt(key, kSecPaddingPKCS1, (const uint8_t *)[buffer bytes], [buffer length], cipherBuffer, &cipherBufferSize); if (status == noErr){ NSData *encryptedBytes = [NSData dataWithBytes:(const void *)cipherBuffer length:cipherBufferSize]; [encryptedData appendData:encryptedBytes]; }else{ if (cipherBuffer) { free(cipherBuffer); } return nil; } } if (cipherBuffer) free(cipherBuffer); // NSLog(@"Encrypted text (%d bytes): %@", [encryptedData length], [encryptedData description]); // NSLog(@"Encrypted text base64: %@", [Base64 encode:encryptedData]); return encryptedData; } - (NSData*)rsaDecryptWithData:(NSData*)data usingPublicKey:(BOOL)yes{ NSData *wrappedSymmetricKey = data; SecKeyRef key = yes?self.publicKeyRef:self.privateKeyRef; size_t cipherBufferSize = SecKeyGetBlockSize(key); size_t keyBufferSize = [wrappedSymmetricKey length]; NSMutableData *bits = [NSMutableData dataWithLength:keyBufferSize]; OSStatus sanityCheck = SecKeyDecrypt(key, kSecPaddingPKCS1, (const uint8_t *) [wrappedSymmetricKey bytes], cipherBufferSize, [bits mutableBytes], &keyBufferSize); NSAssert(sanityCheck == noErr, @"Error decrypting, OSStatus == %ld.", sanityCheck); [bits setLength:keyBufferSize]; return bits; } - (NSData *) RSA_EncryptUsingPublicKeyWithData:(NSData *)data{ return [self rsaEncryptWithData:data usingPublicKey:YES]; } - (NSData *) RSA_EncryptUsingPrivateKeyWithData:(NSData*)data{ return [self rsaEncryptWithData:data usingPublicKey:NO]; } - (NSData *) RSA_DecryptUsingPublicKeyWithData:(NSData *)data{ return [self rsaDecryptWithData:data usingPublicKey:YES]; } - (NSData *) RSA_DecryptUsingPrivateKeyWithData:(NSData*)data{ return [self rsaDecryptWithData:data usingPublicKey:NO]; } @end