实验要求
- 编程语言不限制
- 明文“学号+姓名+专业+学院”
- 实现对明文的加密,输出密文
- 对密文实现解密,输出明文
- 不能是DES加密算法
- 报告中说明该语言提供的加密函数都有哪些,具体的使用方法并分析优缺点
代码
#import "ViewController.h"
#import "AES.h"
#import "NSString+AES.h"
@interface ViewController ()
@end
@implementation ViewController
- (void)viewDidLoad {
[super viewDidLoad];
//原文信息
NSString *plainText = @"3180807001+黄振锋+计算机科学与技术+网络空间安全学院";
//秘钥
NSString *key = @"HuangZhenFeng";
NSLog(@"纯加密:%@",[plainText AES256_Encrypt:key]);
NSLog(@"纯解密:%@",[[plainText AES256_Encrypt:key] AES256_Decrypt:key]);
//原文转码数据NSData
NSData *plainData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
//用秘钥加密
NSData *cipher = [plainData AES256EncryptWithKey:key];
//得到密文
NSLog(@"密文:%@",[cipher base64EncodedStringWithOptions:0]);
//用秘钥解密
NSData *cipher1 = [cipher AES256DecryptWithKey:key];
//得到明文
NSString *plainText1 = [[NSString alloc] initWithData:cipher1 encoding:NSUTF8StringEncoding];
NSLog(@"明文:%@",plainText1);
}
#import "AES.h"
#import <Foundation/Foundation.h>
#import <CommonCrypto/CommonCryptor.h>
static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
@implementation NSData (AES)
- (NSData *)AES256EncryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer); //free the buffer;
return nil;
}
- (NSData *)AES256DecryptWithKey:(NSString *)key {
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
char keyPtr[kCCKeySizeAES256+1]; // room for terminator (unused)
bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// fetch key data
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
keyPtr, kCCKeySizeAES256,
NULL /* initialization vector (optional) */,
[self bytes], dataLength, /* input */
buffer, bufferSize, /* output */
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer); //free the buffer;
return nil;
}
- (NSString *)newStringInBase64FromData //追加64编码
{
NSMutableString *dest = [[NSMutableString alloc] initWithString:@""];
unsigned char * working = (unsigned char *)[self bytes];
int srcLen = [self length];
for (int i=0; i<srcLen; i += 3) {
for (int nib=0; nib<4; nib++) {
int byt = (nib == 0)?0:nib-1;
int ix = (nib+1)*2;
if (i+byt >= srcLen) break;
unsigned char curr = ((working[i+byt] << (8-ix)) & 0x3F);
if (i+nib < srcLen) curr |= ((working[i+nib] >> ix) & 0x3F);
[dest appendFormat:@"%c", base64[curr]];
}
}
return dest;
}
+ (NSString*)base64encode:(NSString*)str
{
if ([str length] == 0)
return @"";
const char *source = [str UTF8String];
int strlength = strlen(source);
char *characters = malloc(((strlength + 2) / 3) * 4);
if (characters == NULL)
return nil;
NSUInteger length = 0;
NSUInteger i = 0;
while (i < strlength) {
char buffer[3] = {0,0,0};
short bufferLength = 0;
while (bufferLength < 3 && i < strlength)
buffer[bufferLength++] = source[i++];
characters[length++] = base64[(buffer[0] & 0xFC) >> 2];
characters[length++] = base64[((buffer[0] & 0x03) << 4) | ((buffer[1] & 0xF0) >> 4)];
if (bufferLength > 1)
characters[length++] = base64[((buffer[1] & 0x0F) << 2) | ((buffer[2] & 0xC0) >> 6)];
else characters[length++] = '=';
if (bufferLength > 2)
characters[length++] = base64[buffer[2] & 0x3F];
else characters[length++] = '=';
}
NSString *g = [[NSString alloc] initWithBytesNoCopy:characters length:length encoding:NSASCIIStringEncoding freeWhenDone:YES];
return g;
}
#import "NSData+AES.h"
@implementation NSData (AES)
//加密
- (NSData *) AES256_Encrypt:(NSString *)key{
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding | kCCOptionECBMode,
keyPtr, kCCBlockSizeAES128,
NULL,
[self bytes], dataLength,
buffer, bufferSize,
&numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}
free(buffer);
return nil;
}
//解密
- (NSData *) AES256_Decrypt:(NSString *)key{
char keyPtr[kCCKeySizeAES256+1];
bzero(keyPtr, sizeof(keyPtr));
[key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSUTF8StringEncoding];
NSUInteger dataLength = [self length];
size_t bufferSize = dataLength + kCCBlockSizeAES128;
void *buffer = malloc(bufferSize);
size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128,
kCCOptionPKCS7Padding | kCCOptionECBMode,
keyPtr, kCCBlockSizeAES128,
NULL,
[self bytes], dataLength,
buffer, bufferSize,
&numBytesDecrypted);
if (cryptStatus == kCCSuccess) {
return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}
free(buffer);
return nil;
}
#import "NSString+AES.h"
@implementation NSString (AES)
//加密
- (NSString *) AES256_Encrypt:(NSString *)key{
const char *cstr = [self cStringUsingEncoding:NSUTF8StringEncoding];
NSData *data = [NSData dataWithBytes:cstr length:self.length];
//对数据进行加密
NSData *result = [data AES256_Encrypt:key];
//转换为2进制字符串
if (result && result.length > 0) {
Byte *datas = (Byte*)[result bytes];
NSMutableString *output = [NSMutableString stringWithCapacity:result.length * 2];
for(int i = 0; i < result.length; i++){
[output appendFormat:@"%02x", datas[i]];
}
return output;
}
return nil;
}
//解密
- (NSString *) AES256_Decrypt:(NSString *)key{
//转换为2进制Data
NSMutableData *data = [NSMutableData dataWithCapacity:self.length / 2];
unsigned char whole_byte;
char byte_chars[3] = {'\0','\0','\0'};
int i;
for (i=0; i < [self length] / 2; i++) {
byte_chars[0] = [self characterAtIndex:i*2];
byte_chars[1] = [self characterAtIndex:i*2+1];
whole_byte = strtol(byte_chars, NULL, 16);
[data appendBytes:&whole_byte length:1];
}
//对数据进行解密
NSData* result = [data AES256_Decrypt:key];
if (result && result.length > 0) {
return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];
}
return nil;}
总结
常见的对称加密算法有DES、3DES、AES。
本次实验使用对称加密算法是AES,AES是高级加密,也是目前使用最多的对称加密算法,目前美国国家安全局使用AES加密,苹果的钥匙串访问就是使用AES加密。对称加密的优点是算法公开,计算量小,加密速度快,加密效率高。对称加密的缺点是双方使用相同的钥匙,安全性得不到保证。使用对称加密需要注意的是秘钥的保密工作需要非常重视,并且秘钥要求定期更换。
实验中,我先使用纯AES算法加解密,然后我再使用AES+Base64算法加解密。我使用的是Objective-C语言进行编程,我先使用AES算法纯加密的时候,我发现加密方法目前不支持中文加解密,所以解密出来的东西为空,但是是数字或者英文的时候,可以加解密。后来我使用AES+Base64算法的时候,可以对中文进行正常的加解密。AES+Base64实际上是在纯AES算法上再对加密内容进行Base64加密,得到一串不含空格的英文、数字、符号的组合字符串。其中,纯AES算法加解密函数分别是:- (NSData *) AES256_Encrypt:(NSString *)key;,- (NSData *) AES256_Decrypt:(NSString *)key;。AES+Base64算法加解密函数为:- (NSData *)AES256EncryptWithKey:(NSString *)key; - (NSData *)AES256DecryptWithKey:(NSString *)key; - (NSString *)newStringInBase64FromData;。 其中key是自定义的秘钥,我的秘钥设定为“HuangZhenFeng”,明文不需要用参数传递进入,因为Objective-C支持在函数里面使用“self”来提取谁调用这个函数,所以就能取到原文信息。