使用 DES 算法对数据加密

本文涉及的产品
密钥管理服务KMS,1000个密钥,100个凭据,1个月
简介:

DES算法

提供高质量的数据保护,防止数据未经授权的泄露和未被察觉的修改

具有相当高的复杂性,使得破译的开销超过可能获得的利益,同时又要便于理解和掌握

DES密码体制的安全性应该不依赖于算法的保密,其安全性仅以加密密钥的保密为基础

实现经济,运行有效,并且适用于多种完全不同的应用

 

苹果本身支持DES加密,在项目中引入头文件 CommonCrypto/CommonCryptor.h 即可使用相关函数.

我自己对其进行了封装,支持ARC与非ARC

YXCrypto.h

//
//  YXCrypto.h
//  用秘钥给字符串加密或者解密
//
//  Created by YouXian on 14-3-18.
//  Copyright (c) 2014年 YouXian. All rights reserved.
//

#import <Foundation/Foundation.h>

@interface YXCrypto : NSObject

/*!
 * 给字符串加密
 */
+ (NSString *)DesEncryptString:(NSString*)src WithKey:(NSString *)key;

/*!
 * 给字符串解密
 */
+ (NSString *)DesDecryptString:(NSString*)src WithKey:(NSString *)key;

@end

YXCrypto.m
//
//  YXCrypto.m
//  用秘钥给字符串加密或者解密
//
//  Created by YouXian on 14-3-18.
//  Copyright (c) 2014年 YouXian. All rights reserved.
//

#import "YXCrypto.h"
#import <CommonCrypto/CommonCryptor.h>

#if __has_feature(objc_arc)
// ARC
#define Auto_Release(obj)
#define Safe_Release(obj)
#else
// 非ARC
#define Auto_Release(obj) [obj autorelease]
#define Safe_Release(obj) [obj release]; obj = nil
#endif

static YXCrypto *shareInstance = nil;

@implementation YXCrypto

/*!
 * 给字符串加密
 */
+ (NSString *)DesEncryptString:(NSString*)src WithKey:(NSString *)key {
    NSString* strRet = @"";
    
    if (shareInstance == nil)
    {
        shareInstance = [[YXCrypto alloc] init];
    }
    
    // encrypt source content
    NSData* bytes = [src dataUsingEncoding:NSUTF8StringEncoding];
    NSData* data = [shareInstance DesCryptWithOperation:kCCEncrypt
                                                  bytes:bytes
                                                    key:key];
    
    // format bytes to visible string
    char* pBuff = (char*)[data bytes];
    for (int i=0; i<data.length; i++) {
        strRet = [strRet stringByAppendingFormat:@"%02X", pBuff[i]& 0xFF];
    }
    return strRet;
}

/*!
 * 给字符串解密
 */
+ (NSString *)DesDecryptString:(NSString*)src WithKey:(NSString *)key
{
    if (shareInstance == nil)
    {
        shareInstance = [[YXCrypto alloc] init];
    }
    
    static unsigned char _map_ch2hex[] =
    {
        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09,
        0, 0, 0, 0, 0, 0, 0,    // :, ;, <, =, >, ?, @,
        0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
    };
    
    // decode source content to bytes
    unsigned char* bytes = (unsigned char*)malloc((src.length+1)*sizeof(unsigned char));
    [[src uppercaseString] getCString:(char*)bytes maxLength:src.length+1 encoding:NSUTF8StringEncoding];
    unsigned char *p1 = bytes, *p2 = bytes;
    int n = src.length/2;
    for (int i=0; i<n; i++) {
        *p1 = _map_ch2hex[*p2-'0'] * 0x10 + _map_ch2hex[*(p2+1)-'0'];
        p1++;
        p2+=2;
    }
    NSData* data = [NSData dataWithBytes:bytes
                                  length:n];
    
    // decrypt source bytes
    NSData* dataOut = [shareInstance DesCryptWithOperation:kCCDecrypt
                                                     bytes:data
                                                       key:key];
    free(bytes);
    
    NSString* strRet = [[NSString alloc] initWithData:dataOut
                                             encoding:NSUTF8StringEncoding];
    Auto_Release(strRet);
    
    return strRet;
}

- (NSData *)DesCryptWithOperation:(CCOperation)operation bytes:(NSData*)bytes key:(NSString *)key {
    
    NSUInteger dataLength = [bytes length];
    
    size_t bufferSize = ([bytes length] + kCCBlockSizeDES) & ~(kCCBlockSizeDES - 1);
    unsigned char *buffer = (unsigned char *)malloc(bufferSize*sizeof(unsigned char));
    memset((void*)buffer, 0, bufferSize);
    
    size_t numBytesCrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(operation,
                                          kCCAlgorithmDES,
                                          kCCOptionPKCS7Padding | kCCOptionECBMode,
                                          (void const*)[key UTF8String],
                                          kCCKeySizeDES,
                                          NULL,
                                          [bytes bytes], dataLength,
                                          (void*)buffer, bufferSize,
                                          &numBytesCrypted);
    NSData* dataRet = nil;
    if (cryptStatus == kCCSuccess) {
        dataRet = [[NSData alloc] initWithBytes:buffer length:numBytesCrypted];
        Auto_Release(dataRet);
    }
    free(buffer);
    return dataRet;
}

@end

使用:

 

 

附录1:https://github.com/alfaromeodev/Cryptor



//
//  Cryptor.h
//  test
//
//  Created by Da Zhang on 11/5/12.
//  Copyright 2012 __MyCompanyName__. All rights reserved.
//

#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonDigest.h>
#import <CommonCrypto/CommonCryptor.h>


@interface Cryptor : NSObject {
    
}

/*
 all the methods below only support utf8 string
 */
+ (NSString *)encodeMD5:(NSString *)str;

+ (NSString *)encodeDES:(NSString *)plainString key:(NSString *)key;
+ (NSString *)decodeDES:(NSString *)decodedString key:(NSString*)key;

+ (NSString *)encodeBase64:(NSString *)plainString;
+ (NSString *)decodeBase64:(NSString *)decodedString;

@end


//
//  Cryptor.m
//  test
//
//  Created by Da Zhang on 11/5/12.
//  Copyright 2012 __MyCompanyName__. All rights reserved.
//

#import "Cryptor.h"

@interface Cryptor ()

+ (NSString *)encodeBase64WithData:(NSData *)objData;
+ (NSData *)decodeBase64WithUTF8String:(NSString *)strBase64;
+ (NSString *)parseByte2HexString:(Byte *)bytes;

@end


static const char _base64EncodingTable[64] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static const short _base64DecodingTable[256] = {
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -1, -1, -2, -1, -1, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -1, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, 62, -2, -2, -2, 63,
    52, 53, 54, 55, 56, 57, 58, 59, 60, 61, -2, -2, -2, -2, -2, -2,
    -2,  0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14,
    15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, -2, -2, -2, -2, -2,
    -2, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40,
    41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2,
    -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2, -2
};


@implementation Cryptor


#pragma mark private section
+ (NSData *)decodeBase64WithUTF8String:(NSString *)strBase64 {
    const char * objPointer = [strBase64 cStringUsingEncoding:NSUTF8StringEncoding];
    int intLength = strlen(objPointer);
    int intCurrent;
    int i = 0, j = 0, k;

    unsigned char * objResult;
    objResult = calloc(intLength, sizeof(char));

    // Run through the whole string, converting as we go
    while ( ((intCurrent = *objPointer++) != '\0') && (intLength-- > 0) ) {
        if (intCurrent == '=') {
            if (*objPointer != '=' && ((i % 4) == 1)) {// || (intLength > 0)) {
                // the padding character is invalid at this point -- so this entire string is invalid
                free(objResult);
                return nil;
            }
            continue;
        }

        intCurrent = _base64DecodingTable[intCurrent];
        if (intCurrent == -1) {
            // we're at a whitespace -- simply skip over
            continue;
        } else if (intCurrent == -2) {
            // we're at an invalid character
            free(objResult);
            return nil;
        }

        switch (i % 4) {
            case 0:
                objResult[j] = intCurrent << 2;
                break;

            case 1:
                objResult[j++] |= intCurrent >> 4;
                objResult[j] = (intCurrent & 0x0f) << 4;
                break;

            case 2:
                objResult[j++] |= intCurrent >>2;
                objResult[j] = (intCurrent & 0x03) << 6;
                break;

            case 3:
                objResult[j++] |= intCurrent;
                break;
        }
        i++;
    }

    // mop things up if we ended on a boundary
    k = j;
    if (intCurrent == '=') {
        switch (i % 4) {
            case 1:
                // Invalid state
                free(objResult);
                return nil;

            case 2:
                k++;
                // flow through
            case 3:
                objResult[k] = 0;
        }
    }

    // Cleanup and setup the return NSData
    NSData * objData = [[[NSData alloc] initWithBytes:objResult length:j] autorelease];
    free(objResult);
    return objData;
}

+ (NSString *)encodeBase64WithData:(NSData *)objData {
    const unsigned char * objRawData = [objData bytes];
    char * objPointer;
    char * strResult;

    // Get the Raw Data length and ensure we actually have data
    int intLength = [objData length];
    if (intLength == 0) return nil;

    // Setup the String-based Result placeholder and pointer within that placeholder
    strResult = (char *)calloc(((intLength + 2) / 3) * 4, sizeof(char));
    objPointer = strResult;

    // Iterate through everything
    while (intLength > 2) { // keep going until we have less than 24 bits
        *objPointer++ = _base64EncodingTable[objRawData[0] >> 2];
        *objPointer++ = _base64EncodingTable[((objRawData[0] & 0x03) << 4) + (objRawData[1] >> 4)];
        *objPointer++ = _base64EncodingTable[((objRawData[1] & 0x0f) << 2) + (objRawData[2] >> 6)];
        *objPointer++ = _base64EncodingTable[objRawData[2] & 0x3f];

        // we just handled 3 octets (24 bits) of data
        objRawData += 3;
        intLength -= 3;
    }

    // now deal with the tail end of things
    if (intLength != 0) {
        *objPointer++ = _base64EncodingTable[objRawData[0] >> 2];
        if (intLength > 1) {
            *objPointer++ = _base64EncodingTable[((objRawData[0] & 0x03) << 4) + (objRawData[1] >> 4)];
            *objPointer++ = _base64EncodingTable[(objRawData[1] & 0x0f) << 2];
            *objPointer++ = '=';
        } else {
            *objPointer++ = _base64EncodingTable[(objRawData[0] & 0x03) << 4];
            *objPointer++ = '=';
            *objPointer++ = '=';
        }
    }

    // Terminate the string-based result
    *objPointer = '\0';

    // Return the results as an NSString object
    return [NSString stringWithCString:strResult encoding:NSUTF8StringEncoding];
}

+ (NSString *)parseByte2HexString:(Byte *)bytes {
    NSMutableString *hexStr = [[NSMutableString alloc]init];
    int i = 0;
    if(bytes) {
        while (bytes[i] != '\0') {
            NSString *hexByte = [NSString stringWithFormat:@"%x",bytes[i] & 0xff];///16进制数
            if([hexByte length]==1) [hexStr appendFormat:@"0%@", hexByte];
            else [hexStr appendFormat:@"%@", hexByte];
            i++;
        }
    }
    //NSLog(@"bytes 的16进制数为:%@",hexStr);
    return hexStr;
}


#pragma mark public section
+ (NSString *)encodeMD5:(NSString *)str {

    const char *cStr = [str UTF8String];

    unsigned char result[CC_MD5_DIGEST_LENGTH];

    CC_MD5( cStr, strlen(cStr), result );

    return [NSString 

            stringWithFormat: @"%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",

            result[0], result[1],

            result[2], result[3],

            result[4], result[5],

            result[6], result[7],

            result[8], result[9],

            result[10], result[11],

            result[12], result[13],

            result[14], result[15]

            ];

}

+ (NSString *)encodeBase64:(NSString *)plainString {
    return [Cryptor encodeBase64WithData:[plainString dataUsingEncoding:NSUTF8StringEncoding]];
}

+ (NSString *)decodeBase64:(NSString *)decodedString {
    NSData * objData = [Cryptor decodeBase64WithUTF8String:decodedString];
    return [[NSString alloc] initWithData:objData encoding:NSUTF8StringEncoding];
}

+ (NSString *)encodeDES:(NSString *)plainString key:(NSString *)key {
    NSString *ciphertext = nil;
    const char *textBytes = [plainString UTF8String];
    NSUInteger dataLength = strlen(textBytes);
    unsigned char buffer[1024];
    memset(buffer, 0, sizeof(char));
    Byte iv[] = {1,2,3,4,5,6,7,8};
    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
                                          kCCAlgorithmDES,
                                          kCCOptionPKCS7Padding,
                                          [key UTF8String],
                                          kCCKeySizeDES,
                                          iv,
                                          textBytes,
                                          dataLength,
                                          buffer,
                                          1024,
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        NSData *data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesEncrypted];
        ciphertext = [[Cryptor encodeBase64WithData:data] autorelease];
    }
    return ciphertext;
}

+ (NSString *)decodeDES:(NSString*)decodedString key:(NSString*)key {
    NSData* cipherData = [Cryptor decodeBase64WithUTF8String:decodedString];
    unsigned char buffer[1024];
    memset(buffer, 0, sizeof(char));
    size_t numBytesDecrypted = 0;
    Byte iv[] = {1,2,3,4,5,6,7,8};
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
                                          kCCAlgorithmDES,
                                          kCCOptionPKCS7Padding,
                                          [key UTF8String],
                                          kCCKeySizeDES,
                                          iv,
                                          [cipherData bytes],
                                          [cipherData length],
                                          buffer,
                                          1024,
                                          &numBytesDecrypted);
    NSString* plainText = nil;
    if (cryptStatus == kCCSuccess) {
        NSData* data = [NSData dataWithBytes:buffer length:(NSUInteger)numBytesDecrypted];
        plainText = [[[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding] autorelease];
    }
    return plainText;
}

@end

附录2:AES加密

NSData+AES.h + NSData+AES.m


#import <Foundation/Foundation.h>

/**
 * Adds AES encryption and decryption capabilities to NSData.
 */
@interface NSData (AES)

/**
 * Encrypt NSData using AES256 with a given symmetric encryption key.
 * @param key The symmetric encryption key
 */
- (NSData *)AES256EncryptWithKey:(NSString *)key;

/**
 * Decrypt NSData using AES256 with a given symmetric encryption key.
 * @param key The symmetric encryption key
 */
- (NSData *)AES256DecryptWithKey:(NSString *)key;

@end


#import "NSData+AES.h"
#import <CommonCrypto/CommonCryptor.h>

@implementation NSData (AES)

- (NSData *)AES256EncryptWithKey:(NSString *)key
{
    // 'key' should be 32 bytes for AES256, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
    
    // fetch key data
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    
    NSUInteger dataLength = [self length];
    
    //See the doc: For block ciphers, the output size will always be less than or
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    
    size_t numBytesEncrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                          keyPtr, kCCKeySizeAES256,
                                          NULL /* initialization vector (optional) */,
                                          [self bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesEncrypted);
    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    }
    
    free(buffer); //free the buffer;
    return nil;
}

- (NSData *)AES256DecryptWithKey:(NSString *)key {
    // 'key' should be 32 bytes for AES256, will be null-padded otherwise
    char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
    bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
    
    // fetch key data
    [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    
    NSUInteger dataLength = [self length];
    
    //See the doc: For block ciphers, the output size will always be less than or
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    
    size_t numBytesDecrypted = 0;
    CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                          keyPtr, kCCKeySizeAES256,
                                          NULL /* initialization vector (optional) */,
                                          [self bytes], dataLength, /* input */
                                          buffer, bufferSize, /* output */
                                          &numBytesDecrypted);
    
    if (cryptStatus == kCCSuccess) {
        //the returned NSData takes ownership of the buffer and will free it on deallocation
        return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    }
    
    free(buffer); //free the buffer;
    return nil;
}

@end


目录
相关文章
|
3月前
|
存储 安全 数据安全/隐私保护
浅谈对称加密(AES与DES)
浅谈对称加密(AES与DES)
70 1
|
4月前
|
算法 安全 数据安全/隐私保护
Android经典实战之常见的移动端加密算法和用kotlin进行AES-256加密和解密
本文介绍了移动端开发中常用的数据加密算法,包括对称加密(如 AES 和 DES)、非对称加密(如 RSA)、散列算法(如 SHA-256 和 MD5)及消息认证码(如 HMAC)。重点讲解了如何使用 Kotlin 实现 AES-256 的加密和解密,并提供了详细的代码示例。通过生成密钥、加密和解密数据等步骤,展示了如何在 Kotlin 项目中实现数据的安全加密。
151 1
|
4月前
|
算法 安全 数据安全/隐私保护
Android经典实战之常见的移动端加密算法和用kotlin进行AES-256加密和解密
本文介绍了移动端开发中常用的数据加密算法,包括对称加密(如 AES 和 DES)、非对称加密(如 RSA)、散列算法(如 SHA-256 和 MD5)及消息认证码(如 HMAC)。重点展示了如何使用 Kotlin 实现 AES-256 的加密和解密,提供了详细的代码示例。
79 2
|
4月前
|
算法 JavaScript 前端开发
国标非对称加密:RSA算法、非对称特征、js还原、jsencrypt和rsa模块解析
国标非对称加密:RSA算法、非对称特征、js还原、jsencrypt和rsa模块解析
300 1
|
4月前
|
算法 JavaScript 前端开发
对称加密算法解析:DES、AES及其在`pycryptodome` 和 `crypto-js` 模块中的应用
对称加密算法解析:DES、AES及其在`pycryptodome` 和 `crypto-js` 模块中的应用
182 1
|
4月前
|
算法 JavaScript 前端开发
消息摘要算法:MD5加密
消息摘要算法:MD5加密
62 1
|
5月前
|
算法 安全 数据安全/隐私保护
支付系统---微信支付09------数字签名,现在Bob想要给Pink写一封信,信件的内容不需要加密,怎样能够保证信息的完整性,使用信息完整性的主要手段是摘要算法,散列函数,哈希函数,H称为数据指纹
支付系统---微信支付09------数字签名,现在Bob想要给Pink写一封信,信件的内容不需要加密,怎样能够保证信息的完整性,使用信息完整性的主要手段是摘要算法,散列函数,哈希函数,H称为数据指纹
|
9天前
|
安全 网络安全 数据安全/隐私保护
网络安全与信息安全:关于网络安全漏洞、加密技术、安全意识等方面的知识分享
在数字化时代,网络安全和信息安全已成为我们生活中不可或缺的一部分。本文将介绍网络安全漏洞、加密技术和安全意识等方面的知识,并提供一些实用的技巧和建议,帮助读者更好地保护自己的网络安全和信息安全。
|
2天前
|
SQL 安全 网络安全
网络安全漏洞、加密技术与安全意识的知识分享
随着互联网的普及,网络安全问题日益严重。本文将介绍网络安全漏洞的概念、类型和防范措施,以及加密技术的原理和应用。同时,强调提高个人和企业的安全意识对于防范网络攻击的重要性。
|
3天前
|
监控 安全 网络安全
网络安全与信息安全:漏洞、加密与意识的交织
在数字时代的浪潮中,网络安全与信息安全成为维护数据完整性、保密性和可用性的关键。本文深入探讨了网络安全中的漏洞概念、加密技术的应用以及提升安全意识的重要性。通过实际案例分析,揭示了网络攻击的常见模式和防御策略,强调了教育和技术并重的安全理念。旨在为读者提供一套全面的网络安全知识框架,从而在日益复杂的网络环境中保护个人和组织的资产安全。