如何在 Objective C 中使用 AES 256 CBC 进行加密

Question

我正在构建一个 iPhone 应用程序，它获取一个加密字符串并将其发送到后端。

在 PHP 中，我像这样加密字符串：

$encrypt_method = "AES-256-CBC";
$secret_key = 'This is my secret key';
$secret_iv = 'This is my secret iv';

// hash
$key = hash('sha256', $secret_key);

// iv - encrypt method AES-256-CBC expects 16 bytes - else you will get a warning
$iv = substr(hash('sha256', $secret_iv), 0, 16);

if( $action == 'encrypt' ) {
    $output = openssl_encrypt($string, $encrypt_method, $key, 0, $iv);
    $output = base64_encode($output);
}

在 Objective C 中我如何做同样的事情

Answer 1

#import <CommonCrypto/CommonCryptor.h>

#define key @"YOUR_KEY"
#define iv @"YOUR_IV"

- (NSData *) cryptOperation:(CCOperation)operation
{
    // 'key' should be 32 bytes for AES256, will be null-padded otherwise
    char keys[kCCKeySizeAES256 + 1];
    [key getCString:keys maxLength:sizeof(keys) encoding:NSUTF8StringEncoding];
    // Perform PKCS7Padding on the key.
    unsigned long bytes_to_pad = sizeof(keys) - [key length];
    if (bytes_to_pad > 0)
    {
        char byte = bytes_to_pad;
        for (unsigned long i = sizeof(keys) - bytes_to_pad; i < sizeof(keys); i++)
            keys[i] = byte;
    }
    NSUInteger dataLength = [self length];
    //See the doc: For block ciphers, the output size will always be less than or
    //equal to the input size plus the size of one block.
    //That's why we need to add the size of one block here
    size_t bufferSize = dataLength + kCCBlockSizeAES128;
    void *buffer = malloc(bufferSize);
    size_t numBytesDecrypted = 0;
    CCCryptorStatus status = CCCrypt(operation, kCCAlgorithmAES128,
                                     kCCOptionPKCS7Padding,
                                     keys, kCCKeySizeAES256,
                                     [iv UTF8String],
                                     [self bytes], dataLength, /* input */
                                     buffer, bufferSize, /* output */
                                     &numBytesDecrypted);
    if (status == kCCSuccess)
    {
        //the returned NSData takes ownership of buffer and will free it on dealloc
        return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
    }
    free(buffer); //free the buffer;
    return nil;
}

- (NSData *)AES256Encrypt
{
    return [self cryptOperation:kCCEncrypt];
}

- (NSData *)AES256Decrypt
{
    return [self cryptOperation:kCCDecrypt];
}

您可以通过以下方式使用此方法..

NSString *receivedDataDecryptString = [self decrypt:@"YOUR_STRING"];
NSString *receivedDataEncryptString = [self encrypt:@"YOUR_STRING"];

    -(NSString *)encrypt:(NSString *)string
    {
        NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
        NSData *dataEncrypted = [data AES256Encrypt];
        NSString *strRecordEncrypted = [dataEncrypted base64EncodedStringWithOptions:0];
        return strRecordEncrypted;
    }

    -(NSString *)decrypt:(NSString *)string
    {
        if([string containsString:@"\n"] || [string containsString:@"\t"])
        {
            string = [[string componentsSeparatedByCharactersInSet:[NSCharacterSet newlineCharacterSet]] componentsJoinedByString:@""];
            string = [string stringByReplacingOccurrencesOfString:@"\t" withString:@""];
        }
    NSData *keyData = [[NSData alloc] initWithBase64EncodedString:string options:0];
    NSData *dataDecrypted = [keyData AES256Decrypt];
    NSString *receivedDataDecryptString = [[NSString alloc]initWithData:dataDecrypted encoding:NSUTF8StringEncoding];
    return receivedDataDecryptString;
}

Answer 2

感谢Nirav Kotecha您的回答。

我最终使用CrytoSwift 并添加扩展类 NSString 和 String 来调用它。