One line of code to implement IOS 3DES encryption and decryption _ios

3DES (or Triple DES) is the generic term for a triple-Data encryption Algorithm (Tdea,triple-Encryption-algorithm) block cipher. It is equivalent to applying three DES encryption algorithms to each block of data. The encryption key length of the original des Cipher becomes easily brute force because of the enhancement of computer computing power; 3DES is designed to provide a relatively simple way to avoid similar attacks by increasing the length of the Des's key, rather than designing a new block cipher algorithm.

3DES, also known as Triple DES, is a model of DES encryption algorithms that uses 3 56-bit keys to encrypt data three times. Data Encryption Standard (DES) is a long-standing encryption standard in the United States, which uses symmetric key cryptography and was ANSI x.3.92 in 1981 by the ANSI organization specification. Des uses a 56-bit key and cipher block method, while in the Cipher block method, the text is divided into 64-bit chunks of text and then encrypted. More secure than the original des,3des.

One line of code to achieve 3DES encryption decryption requires the written Jkencrypt Https://github.com/jukai9316/JKEncrypt.

The following 3DES implementations are resolved below, and then again, how to use Jkencrypt.

Note: The padding is different.

In the process of interacting with the background, because Java inside the use of pkcs5padding, and iOS only kccoptionpkcs7padding, so with kccoptionpkcs7padding | Kccoptionecbmode is equivalent to pkcs5padding.

The following is the implementation of 3DES 256 in IOS development:

#import <CommonCrypto/CommonDigest.h> #import <CommonCrypto/CommonCryptor.h> #import <security/ security.h> #import "GTMBase64.h"//Keyring Key #define Gkey @ "Kyle_chu"//Offset #define GIV @ "Jukai"//String Encryption-(N Sstring *) Doencryptstr: (NSString *) originalstr{//Turn string nsdata nsdata* data = [Originalstr Datausingencoding:nsutf8
  Stringencoding];
  Length size_t plaintextbuffersize = [data length];
  const void *vplaintext = (const void *) [data bytes];
  Cccryptorstatus Ccstatus;
  uint8_t *bufferptr = NULL;
  size_t bufferptrsize = 0;
  size_t movedbytes = 0;
  Bufferptrsize = (plaintextbuffersize + kccblocksize3des) & ~ (KCCBLOCKSIZE3DES-1);
  Bufferptr = malloc (bufferptrsize * sizeof (uint8_t));
  memset (void *) Bufferptr, 0x0, bufferptrsize);
  const void *vkey = (const void *) [Gkey utf8string];
  Offset const void *vinitvec = (const void *) [gIv utf8string];
     Configure Cccrypt Ccstatus = Cccrypt (Kccencrypt, Kccalgorithm3des,//3des       Kccoptionecbmode|kccoptionpkcs7padding,//Set mode vkey,//key kcckeysize3des, Vin Itvec,//offset, not here, set to nil; If you don't, you must be nil, you can't think @ "" Vplaintext, Plaintextbuffersize, (void
  *) Bufferptr, bufferptrsize, &movedbytes);
  NSData *mydata = [NSData datawithbytes: (const void *) Bufferptr length: (Nsuinteger) movedbytes];
  NSString *result = [GTMBase64 stringbyencodingdata:mydata];
return result; }//String decryption-(nsstring*) Dodecencryptstr: (NSString *) encryptstr{nsdata *encryptdata = [GTMBase64 decodedata:[encryptstr D
  Atausingencoding:nsutf8stringencoding]];
  size_t plaintextbuffersize = [encryptdata length];
  const void *vplaintext = [encryptdata bytes];
  Cccryptorstatus Ccstatus;
  uint8_t *bufferptr = NULL;
  size_t bufferptrsize = 0;
  size_t movedbytes = 0;
  Bufferptrsize = (plaintextbuffersize + kccblocksize3des) & ~ (KCCBLOCKSIZE3DES-1); Bufferptr = malloc (bufferptrsize * sizeof (Uint8_t));
  memset (void *) Bufferptr, 0x0, bufferptrsize);
  const void *vkey = (const void *) [Gkey utf8string];
  const void *vinitvec = (const void *) [gIv utf8string];
            Ccstatus = Cccrypt (Kccdecrypt, Kccalgorithm3des, Kccoptionpkcs7padding|kccoptionecbmode,
            Vkey, Kcckeysize3des, Vinitvec, Vplaintext, Plaintextbuffersize,
  (void *) Bufferptr, bufferptrsize, &movedbytes);
                                   NSString *result = [[NSString alloc] initwithdata:[nsdata datawithbytes: (const void *) Bufferptr
  Length: (Nsuinteger) movedbytes] encoding:nsutf8stringencoding];
return result;  }

The hexadecimal implementation is omitted and can be read jkencrypt.m

Use of Jkencrypt:

1, set the key you need, offset
//keys key
#define Gkey      @ "Kyle_chu"
//Offset
#define GIV       @ "Jukai"// 
@ " Kyle_jukai "is the test string, replaced by the content you need to encrypt
jkencrypt the * en = [[Jkencrypt alloc]init];
Encryption
NSString * encryptstr = [en doencryptstr: @ "Kyle_jukai"];
NSString * Encrypthex = [en Doencrypthex: @ "Kyle_jukai"];
NSLog (@ "string encryption:%@", encryptstr);
NSLog (@ "hex encryption:%@", Encrypthex);
Decryption
NSString *decencryptstr = [en dodecencryptstr:encryptstr];
NSString *decencrypthex = [en doencrypthex:encrypthex];
NSLog (@ "string decryption:%@", DECENCRYPTSTR);

Ps:ios des encryption and 3DES encryption

Recently, the project encountered the problem of encryption and decryption, and then read the relevant information, successfully handled. Now the knowledge points summed up, one is to review later, the second is to provide you with reference.

1. First of all, to say des operation, definition I do not describe here, a bunch of online. Next, you should pay attention to the use of several points. First, we need to distinguish between key (key), data (to be manipulated) and mode (encryption mode). The key must be 8 bytes (64 bits), the data need to be 8 bytes (64 bits) of multiples, it should be noted here, if data is not a multiple of 8 bytes, then we need to fill the data, the data fill the use of the algorithm is not necessarily the same. Mode seems to have many kinds, here is simply the ECB and CBC mode.

ECB mode: The data to be processed is divided into blocks, each of which is 8 bytes (64 bits) and the same length as the key. Each block is then encrypted or decrypted, and the final link to them is the final result. Each piece of data does not interfere with each other.

CBC mode: You also need to block the data to be processed, but each piece of data must be encrypted or decrypted with the result of the previous piece, so the pattern needs to define a special 8-byte key for the first piece of data to be different or manipulated. This particular key is usually called the initialization vector. When writing in code, you need to configure the IV parameter, and note that the IV parameter corresponds to the CBC mode. In this way, each piece of data is linked, which is different from the ECB model.

2. Again, 3DES operation, that is, 3 times des operation. Set Ek () and DK () respectively for the DES algorithm encryption and decryption process, K on behalf of the DES algorithm used by the key, p for plaintext, c for ciphertext, then the 3DES algorithm process can be expressed as:

C = Ek3 (Dk2 (EK1 (P)))

P = Dk1 (Ek2 (DK3 (C)))

3DES also has the ECB and CBC mode, as mentioned above. Here you need to pay attention to the length of the key, should be 24 bits. For example, the key we know is 16 bits, then we need to divide it into 2 paragraphs, each paragraph is 8 bits, then k1= left 8, k2= right 8, k3= left 8, that is, K1=K3, but not k1=k2=k3, because if each section uses the same key, then return to the DES algorithm.