IOS, one line of code for RSA, DES, AES, MD5 encryption, decryption

Recently made a mobile project, there are server and client types of projects, the client is to log on, the server will also return data, the server is developed in Java, the client to support multiple platforms (Android, iOS), while processing IOS data encryption encountered some problems. At first, the solution was DES encryption, the boss said DES encryption is symmetric, network capture and anti-compilation may be cracked, so take RSA encryption. RSA encryption requires public and private keys, the client holds the public key encrypted data, and the server holds the private key to decrypt the data. (iOS side public key encryption private key decryption, Java side public key encryption private key decryption, Java side private key encryption public key decryption is easy to do, iOS can not encrypt the private key decryption, can only be used for verification).

Problem

The problem 1:ios side public key encrypted data is decrypted with the Java side private key.

iOS uses the SDK functions that come with the system, use the public and private keys generated by the Mac or use Java's JDK to encrypt and decrypt itself. However, iOS encryption, Java decryption, or the reverse can not be used. It is either impossible to create a report 9809 or 50 error, or the solution is garbled. iOS system functions are only encrypted with public keys, and the private key is decrypted in a way. Public key cryptography has different results each time.

Methods for generating public and private keys on your Mac, and using the

1. Open the terminal and switch to the folder you want to output

2. Input command: OpenSSL (OpenSSL is a tool that generates various keys, Mac has been embedded

3. Input instruction: Genrsa-out RSA_PRIVATE_KEY.PEM 1024 (Generate private key, Java side used)

4. Input directive: rsa-in rsa_private_key.pem-out rsa_public_key.pem-pubout (Generate public key)

5. Input instruction: pkcs8-topk8-in rsa_private_key.pem-out pkcs8_rsa_private_key.pem-nocrypt (private key to format, use this private key when decrypting with private key on iOS)

Note: Generate three. pem files on Mac, a public key, two private keys, can be opened in the terminal through the instruction vim Xxx.pem, inside is a string, the third step generated by the Java side of the private key is used to decrypt the data, the fifth step conversion format of the private key iOS can be used to debug the public key, Private key decryption (because the private key is not left on the client)

Detailed steps

Issue 2: The server returns data also to encrypt, the eldest brother intends to encrypt with the Java private key, iOS with the public key decryption (because iOS does not have the private key encryption public key decryption, only the private key encryption public key verification), so this scheme also has the problem.

By looking at some Daniel's introduction, understand the common encryption method of iOS

1 prevent data plaintext transmission with simple UrlEncode + BASE64 encoding

2 for normal request, return data, generate MD5 checksum (add dynamic key in MD5), data integrity (simple tamper-proof, low security, advantages: fast) Check

3 for important data, use RSA for digital signature, tamper-proof

4 For more sensitive data, such as user information (login, registration, etc.), the client sends using RSA encryption, the server returns using DES (AES) encryption

Cause: The client sends the RSA encryption because RSA decryption needs to know the server private key, and the server private key is generally difficult to steal, if you use DES, you can crack the client to obtain the key, security is low. While the server returned to use DES, because regardless of whether the use of DES or RSA, the key (or the private key) are stored in the client, there is a risk of being cracked, therefore, the need to adopt a dynamic key, RSA key generation is more complex, not suitable for dynamic keys, and RSA speed is relatively slow, So choose des)

So this encryption, we chose the fourth encryption method

Encryption method

Very convenient for DES encryption and decryption on the iOS side

123	1、引入头文件 #import "DES3Util.h"2、加密时调用类方法  +(NSString *) encryptUseDES:(NSString *)plainText key:(NSString *)key;3、解密时调用类方法  +(NSString *)decryptUseDES:(NSString *)cipherText key:(NSString *)key;

Very convenient for RSA encryption and decryption at iOS side

1234567

1、引入头文件 #import "RSAUtil.h"2、公钥加密时调用类方法：+ (NSString *)encryptString:(NSString *)str publicKey:(NSString *)pubKey;+ (NSData *)encryptData:(NSData *)data publicKey:(NSString *)pubKey;3、私钥解密时调用类方法+ (NSString *)decryptString:(NSString *)str privateKey:(NSString *)privKey;+ (NSData *)decryptData:(NSData *)data privateKey:(NSString *)privKey;

Easy to MD5 encryption and decryption on the iOS side

12	1、引入头文件 #import "MD5Util"2、加密时调用方法：- (NSString *)md5:(NSString *)str;

Easy AES encryption and decryption on the iOS side

12345

1、引入头文件 #import "AES.h"2、加密时调用方法+ (NSString *)encrypt:(NSString *)message password:(NSString *)password;2、解密时调用的方法+ (NSString *)decrypt:(NSString *)base64EncodedString password:(NSString *)password;

Introduction to the principles of RSA, MD5, AES encryption

IOS, one line of code for RSA, DES, AES, MD5 encryption, decryption