iOS RSA加密
iOS RSA加密
?最近手上一個(gè)項(xiàng)目,之前登陸注冊(cè)修改密碼都是明文傳送的,現(xiàn)在要改成一種安全的方式,后臺(tái)選擇了RSA加密,無奈啊,iOS端RSA的資料少,而且有不少都運(yùn)行不成功,以下是我使用的加密成功后,傳輸?shù)胶蠖四苷=饷艹鰜淼囊粋€(gè)。
?
?使用mudulus和exponent進(jìn)行RSA加密:
NSString *modulus = @"ALGDczaITDZDerFxXcrqipyFyYd21PwGuI4UtHvP2l9YlK40+JN4v+YWcs6rXWhmfK46hSShyvZirDJAq+d9GFLMAeKJ/ZmJBpBdt6bNH1F29kSk8CMKRLHwBZbc7iRC6bJez4bdiT0Dog/7F/EN/hVLm25dn0Dqf1HEk15ldMpN";NSString *exponent = @"AQAB";NSString *ncrryptStr = [RSAEncryptTool RSAEncryptString:@"FranZhou" modulus:modulus exponent:exponent];
要正常使用此加密方式,需要使用cocoapods導(dǎo)入下述庫
#RSA加密pod 'OpenSSL-Universal'pod 'GTMBase64', '~> 1.0.0'網(wǎng)上有些資料是導(dǎo)入?pod 'OpenSSL',我在pod install的時(shí)候無法導(dǎo)入成功
?
?RSAEncryptTool
#import <Foundation/Foundation.h>@interface RSAEncryptTool : NSObject+ (NSString *)RSAEncryptString:(NSString *)data modulus:(NSString *)modulus exponent:(NSString *)exponent;@end//========================================================#import "RSAEncryptTool.h"#include <openssl/opensslv.h>#include <openssl/rsa.h>#include <openssl/evp.h>#include <openssl/bn.h>#import "GTMBase64.h"@implementation RSAEncryptTool+ (NSString *)RSAEncryptString:(NSString *)data modulus:(NSString *)modulus exponent:(NSString *)exponent {//一般情況這兩個(gè)字符是被base64加密過的// NSString *modulus = @"keAcC2TrYsqoYn1gyMwbX0VxzOF7iAdMVqGE0Xt/i/VHo1L7hwlRerr5xiSedjJEm2OxVG+FPn4ol1jw/adt8t2fpN7CAyTHrokqS+LcYbQPslH0pOy9ty0CctWCJhk1HD3T1ByP4K+9dpHmbbb13ixavbC318gElz8UoSeWEz8=";//通過這個(gè)可以得到其中的N//NSString *exponent = @"AQAB";//通過這個(gè)其中的e,(e也可以是一個(gè)很大的數(shù))//NSString *data = @"1234";// NSData *nsdataFromBase64String = [[NSData alloc]// initWithBase64EncodedString:base64 options:0];NSData *m = [[NSData alloc]initWithBase64EncodedString:modulus options:0];;NSData *e = [[NSData alloc]initWithBase64EncodedString:exponent options:0];;RSA *r;BIGNUM *bne, *bnn;//rsa算法中的 e和Nint blockLen;//每次最大加密字節(jié)數(shù)unsigned char *encodeData;//加密后的數(shù)據(jù)bnn = BN_new();bne = BN_new();r = RSA_new();//看到網(wǎng)上有人用BN_hex2bn這個(gè)函數(shù)來轉(zhuǎn)化的,但我用這個(gè)轉(zhuǎn)化總是失敗,最后選擇了BN_bin2bnr->e = BN_bin2bn([e bytes], [e length], bne);r->n = BN_bin2bn([m bytes], [m length], bnn);blockLen = RSA_size(r) - 11;// 公鑰長度/8 - 11encodeData = (unsigned char *)malloc(blockLen);bzero(encodeData, blockLen);//由于需要加密的內(nèi)容都在最大加密長度內(nèi),所以我沒有分塊,如果你的文本內(nèi)容長度超過了blockLen,請(qǐng)分塊處理,然后拼接起來int ret = RSA_public_encrypt([data length], (unsigned char *)[data UTF8String], encodeData, r, RSA_PKCS1_PADDING);//這里的 RSA_PKCS1_PADDING選擇的不同,對(duì)應(yīng)的最大加密長度就不一樣,當(dāng)時(shí)在網(wǎng)上看到過,現(xiàn)在找不到了,你們自己上網(wǎng)找找吧RSA_free(r);if(ret < 0){NSLog(@"encrypt failed !");return @"";}else{// NSData *result = [Base64 encodeBytes:encodeData length:ret];// char * a = (char*)malloc(sizeof(byte)*16);NSData *result = [NSData dataWithBytes: encodeData length:ret];NSString *cipherString = [GTMBase64 stringByEncodingData:result];// NSLog(@"加密后的base64:%@",cipherString);free(encodeData);// return [[NSString alloc] initWithData:result encoding:NSUTF8StringEncoding];// Byte *bytes = (Byte *)[result bytes];// NSString *hexStr=@"";// for(int i=0;i<[result length];i++)// {// NSString *newHexStr = [NSString stringWithFormat:@"%x",bytes[i]&0xff]; ///16進(jìn)制數(shù)// if([newHexStr length]==1)// hexStr = [NSString stringWithFormat:@"%@0%@",hexStr,newHexStr];// else// hexStr = [NSString stringWithFormat:@"%@%@",hexStr,newHexStr];// }// NSLog(@"bytes 的16進(jìn)制數(shù)為:%@",hexStr);return cipherString;}// } }@end
轉(zhuǎn)載于:https://www.cnblogs.com/FranZhou/p/5852009.html
總結(jié)
- 上一篇: 最新Angular2案例rebirth开
- 下一篇: 正则判断表单输入