任何用于AESencryption解密的cocoa源代码?
我正在寻找一些AESencryptioncocoa代码,我做了一些谷歌search。 我发现这个非常有用的链接 – http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html 。 所以我试了一下,但是这对我没有用。
任何人都可以build议我一些有用的链接或源代码,可以帮助我在我的示例应用程序中实现它。
在CommonCrypto框架的iPhone上可以使用AES128encryption。 相关的函数在CommonCryptor.h头文件中。
你可以像这样创build一个隐藏:
// Assume key and keylength exist CCCryptorRef cryptor; if(kCCSuccess != CCCryptorCreate(kCCEncrypt, kCCAlgorithmAES128, 0, key, keyLength, NULL, &cryptor)) ; //handle error // Repeatedly call CCCryptorUpdate to encrypt the data CCCryptorRelease(cryptor); 从问题和链接看来,您正在寻找AES的示例实现。 我不会推荐这个 – 使用苹果的实现!
我在NSData上使用了一个简单的类别,它使用内置的CommonCrypto框架来执行AES 256位encryption。 我在Mac上使用它,但它也应该在iPhone上正常工作:
#import <CommonCrypto/CommonCryptor.h> @implementation NSData (AESAdditions) - (NSData*)AES256EncryptWithKey:(NSString*)key { // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256 + 1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; //See the doc: For block ciphers, the output size will always be less than or //equal to the input size plus the size of one block. //That's why we need to add the size of one block here size_t bufferSize = dataLength + kCCBlockSizeAES128; void* buffer = malloc(bufferSize); size_t numBytesEncrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [self bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesEncrypted); if (cryptStatus == kCCSuccess) { //the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted]; } free(buffer); //free the buffer; return nil; } - (NSData*)AES256DecryptWithKey:(NSString*)key { // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256 + 1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; NSUInteger dataLength = [self length]; //See the doc: For block ciphers, the output size will always be less than or //equal to the input size plus the size of one block. //That's why we need to add the size of one block here size_t bufferSize = dataLength + kCCBlockSizeAES128; void* buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [self bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesDecrypted); if (cryptStatus == kCCSuccess) { //the returned NSData takes ownership of the buffer and will free it on deallocation return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted]; } free(buffer); //free the buffer; return nil; } @end
我发现的所有例子都不适合我,所以我改变了上面的解决scheme。 这一个为我工作,并使用Google-Lib的Base64的东西:
+ (NSData *)AES256DecryptWithKey:(NSString *)key data:(NSData*)data encryptOrDecrypt:(CCOperation)encryptOrDecrypt { // 'key' should be 32 bytes for AES256, will be null-padded otherwise char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused) bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding) // fetch key data [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding]; if (encryptOrDecrypt == kCCDecrypt) { data = [GTMBase64 decodeData:data]; } NSUInteger dataLength = [data length]; //See the doc: For block ciphers, the output size will always be less than or //equal to the input size plus the size of one block. //That's why we need to add the size of one block here size_t bufferSize = dataLength + kCCBlockSizeAES128; void *buffer = malloc(bufferSize); size_t numBytesDecrypted = 0; CCCryptorStatus cryptStatus = CCCrypt(encryptOrDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding, keyPtr, kCCKeySizeAES256, NULL /* initialization vector (optional) */, [data bytes], dataLength, /* input */ buffer, bufferSize, /* output */ &numBytesDecrypted); if (cryptStatus != kCCSuccess){ NSLog(@"ERROR WITH FILE ENCRYPTION / DECRYPTION"); return nil; } NSData *result; if (encryptOrDecrypt == kCCDecrypt) { result = [NSData dataWithBytes:(const void *)buffer length:(NSUInteger)numBytesDecrypted]; } else { NSData *myData = [NSData dataWithBytes:(const void *)buffer length:(NSUInteger)numBytesDecrypted]; result = [GTMBase64 encodeData:myData]; } free(buffer); //free the buffer; return result; }
感谢伟大的类别扩展。 我发现的一件事情是,当你使用一个比64位更强的algorithm的CCCrypt时,你需要遵守BIS出口法规。 请参阅iTunes Connect常见问题了解更多详情。 即使你使用苹果的inbuildencryptionAPI,你也需要得到BIS的批准。
之前有关于sf的讨论(在ssl用法的上下文中):
在iPhone应用程序中使用SSL – 导出合规性
最好的问候克里斯
