IOS中最好的数据encryptionalgorithm是什么?
我试图encryption我的数据之前发送到服务器,有没有任何高度安全的双向encryptionalgorithm? 哪一个最适合这个目的。
检查一次
在这里,键是stringvariables,声明为全局variables。
为您的代码添加sequrity框架并导入
#import <CommonCrypto/CommonDigest.h> #import <CommonCrypto/CommonCryptor.h> - (void)viewDidLoad { [super viewDidLoad]; key=@"Your own key"; // encoding NSString *encodingString=[[self encrypt:[@"Your String" dataUsingEncoding:NSUTF8StringEncoding] base64EncodedString];; //decoding NSData *data=[self decrypt:[NSData dataFromBase64String:encryptString]]; NSString *decodingString = [[NSString alloc] initWithBytes:[data bytes] length: [data length] encoding: NSASCIIStringEncoding]; } - (NSData *) encrypt:(NSData *) plainText { return [self transform:kCCEncrypt data:plainText]; } - (NSData *) decrypt:(NSData *) cipherText { return [self transform:kCCDecrypt data:cipherText]; } - (NSData *) transform:(CCOperation) encryptOrDecrypt data:(NSData *) inputData { // kCCKeySizeAES128 = 16 bytes // CC_MD5_DIGEST_LENGTH = 16 bytes NSData* secretKey = [ChipperObject md5:Key]; CCCryptorRef cryptor = NULL; CCCryptorStatus status = kCCSuccess; uint8_t iv[kCCBlockSizeAES128]; memset((void *) iv, 0x0, (size_t) sizeof(iv)); status = CCCryptorCreate(encryptOrDecrypt, kCCAlgorithmAES128,kCCOptionPKCS7Padding, [secretKey bytes], kCCKeySizeAES128, iv, &cryptor); if (status != kCCSuccess) { return nil; } size_t bufsize = CCCryptorGetOutputLength(cryptor, (size_t)[inputData length], true); void * buf = malloc(bufsize * sizeof(uint8_t)); memset(buf, 0x0, bufsize); size_t bufused = 0; size_t bytesTotal = 0; status = CCCryptorUpdate(cryptor, [inputData bytes], (size_t)[inputData length], buf, bufsize, &bufused); if (status != kCCSuccess) { free(buf); CCCryptorRelease(cryptor); return nil; } bytesTotal += bufused; status = CCCryptorFinal(cryptor, buf + bufused, bufsize - bufused, &bufused); if (status != kCCSuccess) { free(buf); CCCryptorRelease(cryptor); return nil; } bytesTotal += bufused; CCCryptorRelease(cryptor); return [NSData dataWithBytesNoCopy:buf length:bytesTotal]; }
这里是我的代码使用3des CCCrypt方法,从googlecode查找GTMBase64.h, https://code.google.com/p/google-toolbox-for-mac/source/browse/trunk/Foundation/GTMBase64.h? r = 87
#import <CommonCrypto/CommonCryptor.h> #import "GTMBase64.h" - (NSData*)TripleDES:(NSData*)plainData encryptOrDecrypt:(CCOperation)encryptOrDecrypt key:(NSString*)key { const void *vplainText; size_t plainTextBufferSize; if (encryptOrDecrypt == kCCDecrypt) { NSData *EncryptData = [GTMBase64 decodeData:plainData]; plainTextBufferSize = [EncryptData length]; vplainText = [EncryptData bytes]; } else { plainTextBufferSize = [plainData length]; vplainText = (const void *)[plainData bytes]; } CCCryptorStatus ccStatus; uint8_t *bufferPtr = NULL; size_t bufferPtrSize = 0; size_t movedBytes = 0; // uint8_t ivkCCBlockSize3DES; bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1); bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t)); memset((void *)bufferPtr, 0x0, bufferPtrSize); // memset((void *) iv, 0x0, (size_t) sizeof(iv)); // NSString *key = @"123456789012345678901234"; NSString *initVec = @"init Vec"; const void *vkey = (const void *) [key UTF8String]; const void *vinitVec = (const void *) [initVec UTF8String]; ccStatus = CCCrypt(encryptOrDecrypt, kCCAlgorithm3DES, kCCOptionPKCS7Padding, vkey, //"123456789012345678901234", //key kCCKeySize3DES, vinitVec, //"init Vec", //iv, vplainText, //"Your Name", //plainText, plainTextBufferSize, (void *)bufferPtr, bufferPtrSize, &movedBytes); //if (ccStatus == kCCSuccess) NSLog(@"SUCCESS"); /*else if (ccStatus == kCC ParamError) return @"PARAM ERROR"; else if (ccStatus == kCCBufferTooSmall) return @"BUFFER TOO SMALL"; else if (ccStatus == kCCMemoryFailure) return @"MEMORY FAILURE"; else if (ccStatus == kCCAlignmentError) return @"ALIGNMENT"; else if (ccStatus == kCCDecodeError) return @"DECODE ERROR"; else if (ccStatus == kCCUnimplemented) return @"UNIMPLEMENTED"; */ NSData *result; if (encryptOrDecrypt == kCCDecrypt) { result = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes]; } else { NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes]; result = [GTMBase64 encodeData:myData]; } return result; }
用法
NSString *inputString = @"good"; //encode NSData *inputData = [inputString dataUsingEncoding:NSUTF8StringEncoding]; NSData *encriptdata = [self TripleDES:inputData encryptOrDecrypt:kCCEncrypt key:@"ff68f8e82961489a8b14b345"]; NSString *encodeString = [GTMBase64 stringByEncodingData:encriptdata]; NSLog(@"encodeString : %@" ,encodeString); //decode NSData *encodeData = [GTMBase64 decodeString:encodeString]; NSData *decodeData = [self TripleDES:encodeData encryptOrDecrypt:kCCDecrypt key:@"ff68f8e82961489a8b14b345"]; NSString *decodeString = [[NSString alloc] initWithBytes:[decodeData bytes] length:[decodeData length] encoding:NSUTF8StringEncoding]; NSLog(@"decodeString : %@" ,decodeString);
公钥基础设施(PKI)为您提供了一种值得信赖的方式来encryption两台机器之间的数据。 你可以试试看。
您可以使用HTTPS,也可以使用RC6来encryption数据。