最近公司修改了客户端与服务端数据传输的加密方案,采用AES ECB和GCM两种加密,由于后端采用的是Java语言,Java提供了一套系统类能够很简单的实现加密,iOS没有提供系统的类来进行加密,需要调用C语言函数实现AES加密方案,并且在iOS13之前系统未公开AES GCM加密API,所以如果要在iOS使用系统的方法实现GCM加密则需要声明iOS底层使用的API,调用该API时会执行系统的方法,但是该方案有一定风险,因为我们调用了苹果未公开的API,上架时很可能会被拒。基于以上原因,在实现GCB和GCM加密方式时我都采用了openssl的加密库,正好项目中也集成了这个库。
注意:以下代码都是基于NSData的分类进行编写实现的,并且需要引入openssl相应的头文件
1,AES ECB openssl 代码
以下代码对应的Java实现 Cipher.getInstance(AES/ECB/PKCS5Padding)
- aes ecb 解密
//aes 128 解密,256加解密原理一样
- (NSData *)aes128Ecb_DencryptWithKey:(NSData *)keyData error:(NSError **)error {
unsigned char * ptBytes = (unsigned char * )malloc(self.length);
int outlen;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_set_padding(ctx, false);
if (!EVP_DecryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, [keyData bytes], NULL)) {
*error = [self errorWithDescription:@"EVP_DecryptInit EVP_aes_128_ecb() and setkey failed."];
return nil;
}
if (!EVP_DecryptUpdate(ctx, ptBytes, &outlen, [self bytes], self.length)) {
*error = [self errorWithDescription:@"EVP_DecryptUpdate failed."];
return nil;
}
// 先得到前16位整除长度数据
NSMutableData *resultData = [NSMutableData dataWithBytes:ptBytes length:outlen];
ptBytes += outlen;
// 解析剩余数据
if (!EVP_DecryptFinal_ex(ctx, ptBytes, &outlen)) {
*error = [self errorWithDescription:@"EVP_DecryptUpdate failed."];
return nil;
}
[resultData appendBytes:ptBytes length:outlen];
EVP_CIPHER_CTX_free(ctx);
return resultData;
}
- aes ecb 加密
- (NSData *)aes128Ecb_EncryptWithKey:(NSData *)keyData error:(NSError **)error {
unsigned char * ctBytes = (unsigned char * )malloc(self.length);
int outlen;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
EVP_CIPHER_CTX_set_padding(&ctx, false);
if(!EVP_EncryptInit_ex(ctx, EVP_aes_128_ecb(), NULL, [keyData bytes], NULL)) {
*error = [self errorWithDescription:@"EVP_EncryptInit_ex EVP_aes_128_ecb() and setkey failed."];
return nil;
}
if (!EVP_EncryptUpdate(ctx, ctBytes, &outlen, [self bytes], self.length)) {
*error = [self errorWithDescription:@"EVP_EncryptUpdate failed."];
return nil;
}
// 先得到前16位整除长度数据
NSMutableData *resultData = [NSMutableData dataWithBytes:ctBytes length:outlen];
ctBytes += outlen;
if (!EVP_EncryptFinal_ex(ctx, ctBytes, &outlen)) {
*error = [self errorWithDescription:@"EVP_EncryptFinal_ex failed."];
return nil;
}
// 解析剩余数据
[resultData appendBytes:ctBytes length:outlen];
EVP_CIPHER_CTX_free(ctx);
return resultData;
}
2,AES GCM openssl 代码
GCM加密方式,Java实现的方式与C语言实现的有细微区别:GCM加密后会生成密文和tag两个数据,并且解密时也必须有tag才能解密,但是Java语言加密后将密文和tag拼接在一起当作了密文,最开始和服务端联调的时候发现加密结果怎么也对不上,最后从一篇blog中找到Java是将密文和tag拼接在一起返回的,才得以解决困扰多日的问题。
为了和服务端保持一致,以下实现方案和Java一样,将密文和tag拼接到一起返回,所以加密数据必须也是密文和tag的拼接数据。
以下代码对应的Java实现 Cipher.getInstance(AES/GCM/NoPadding)
-
aes gcm 128 解密
aes 256 加密只需要修改 EVP_aes_128_gcm() 为 EVP_aes_256_gcm() 即可
- (NSData *)aes128Gcm_DencryptWithKey:(NSData *)key_data iv:(NSData *)iv_data error:(NSError **)error {
if (self.length < 16) {
// self 需要是 加密数据+tag 的组合
return nil;
}
// 取后16位作为tag
NSData *tagData = [self subdataWithRange:(NSRange){self.length - 16, 16}];
// 前面是真正加密的数据
NSData *contentData = [self subdataWithRange:(NSRange){0, self.length - 16}];
char *gcm_ct = [contentData bytes];
char *gcm_iv = [iv_data bytes];
char *gcm_key = [key_data bytes];
unsigned char * ptBytes = (unsigned char * )malloc(self.length);
int declen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (!EVP_DecryptInit(ctx, EVP_aes_128_gcm(), NULL, NULL)) {
*error = [self errorWithDescription:@"EVP_DecryptInit EVP_aes_128_gcm() failed."];
return nil;
}
EVP_CIPHER_CTX_set_padding(ctx, 0);
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, [iv_data length], NULL)) {
*error = [self errorWithDescription:@"EVP_CIPHER_CTX_ctrl EVP_CTRL_GCM_SET_IVLEN Dencrypt failed."];
return nil;
}
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, [tagData bytes])) {
*error = [self errorWithDescription:@"EVP_CIPHER_CTX_ctrl EVP_CTRL_GCM_SET_TAG Dencrypt failed."];
return nil;
}
if (!EVP_DecryptInit(ctx, NULL, gcm_key, gcm_iv)) {
*error = [self errorWithDescription:@"EVP_DecryptInit Dencrypt set key and iv failed."];
return nil;
}
if (!EVP_DecryptUpdate(ctx, ptBytes, &declen, gcm_ct, [contentData length])) {
*error = [self errorWithDescription:@"EVP_DecryptUpdate Dencrypt failed."];
return nil;
}
// 得到解密数据
NSMutableData *ptgcmData = [NSMutableData dataWithCapacity:0];
[ptgcmData appendBytes:ptBytes length:declen];
if (!EVP_DecryptFinal(ctx, [ptgcmData bytes] + declen, &declen)) {
*error = [self errorWithDescription:@"EVP_DecryptFinal tag failed"];
return nil;
}
EVP_CIPHER_CTX_free(ctx);
return ptgcmData;
}
- aes gcm 128 加密
- (NSData *)aes128Gcm_EncryptWithKey:(NSData *)key_data iv:(NSData *)iv_data error:(NSError **)error {
char *gcm_ct = [self bytes];
char *gcm_iv = [iv_data bytes];
char *gcm_key = [key_data bytes];
unsigned char * ctBytes = (unsigned char * )malloc(self.length);
NSMutableData *engcmData = [[NSMutableData alloc] initWithCapacity:self.length];
unsigned char tag[16];
int enclen = 0;
EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
if (!EVP_EncryptInit_ex(ctx, EVP_aes_128_gcm(), NULL, NULL, NULL)) {
*error = [self errorWithDescription:@"EVP_EncryptInit_ex EVP_aes_128_gcm() failed."];
return nil;
}
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, [iv_data length], NULL)) {
*error = [self errorWithDescription:@"EVP_CIPHER_CTX_ctrl EVP_CTRL_GCM_SET_IVLEN Encryp failed."];
return nil;
}
if (!EVP_EncryptInit_ex(ctx, NULL, NULL, gcm_key, gcm_iv)) {
*error = [self errorWithDescription:@"EVP_DecryptInit Encryp set key and iv failed."];
return nil;
}
if (!EVP_EncryptUpdate(ctx, ctBytes, &enclen, (const unsigned char *)[self bytes], [self length])) {
*error = [self errorWithDescription:@"EVP_DecryptUpdate Encrypt data failed."];
return nil;
}
// 得到加密数据
[engcmData appendBytes:ctBytes length:enclen];
if (!EVP_EncryptFinal (ctx, [engcmData bytes] + enclen, &enclen)) {
*error = [self errorWithDescription:@"EVP_DecryptFinal Encrypt failed"];
return nil;
}
if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag)) {
*error = [self errorWithDescription:@"EVP_CIPHER_CTX_ctrl get tag failed"];
return nil;
}
// 得到 tag
[engcmData appendBytes:tag length:16];
EVP_CIPHER_CTX_free(ctx);
return engcmData;
}
iOS GCM其它解决方案:引入CommonCryptorSPI头文件,可以调用 CCCryptorGCM方法实现 openssl AES GCM的加密方案,实现比较简单。
参考资料:
1,C++ Java和Node.js之间的AES加解密研究(GCM);
2,OPENSSL库的使用-AES篇
