iOS开发 PBKDF2加密
既然用到PBKDF2,定义就不多介绍了
导入(如果没有索引可以直接复制粘贴)
#import <CommonCrypto/CommonKeyDerivation.h>
主要方法 CCKeyDerivationPBKDF
各个参数的意思
- CCPBKDFAlgorithm algorithm:加密的类型,这里只有kCCPBKDF2一个可选值;
- const char *password:加密明文的内容。
- size_t passwordLen:加密明文的长度
- const uint8_t *salt:加入的盐
- size_t saltLen:盐的长度
- CCPseudoRandomAlgorithm prf:算法的加密方式
- unsigned rounds:加密迭代的次数
- uint8_t *derivedKey:最后生成输出密文的部分
- size_t derivedKeyLen 生成输出密文的长度
typedef uint32_t CCPBKDFAlgorithm;
enum {
kCCPRFHmacAlgSHA1 = 1, //多用这个类型,与在线对比一样
kCCPRFHmacAlgSHA224 = 2,
kCCPRFHmacAlgSHA256 = 3,
kCCPRFHmacAlgSHA384 = 4,
kCCPRFHmacAlgSHA512 = 5,
};
#import <CommonCrypto/CommonKeyDerivation.h>
#define Result_Byte_Length 16 //一个字节8位 16 * 8 = 128位
+ (NSString *)getPBKDFKeyWithKey:(NSString *)key salt:(NSString *)salt
{
if ([StringUtil isNotEmpty:key] && [StringUtil isNotEmpty:salt]) {
NSString *myKey = key;
NSData *myKeyData = [myKey dataUsingEncoding:NSUTF8StringEncoding];
NSData *saltData = [salt dataUsingEncoding:NSUTF8StringEncoding];
unsigned char finalKey[Result_Byte_Length];
CCKeyDerivationPBKDF(kCCPBKDF2, myKeyData.bytes, myKeyData.length, saltData.bytes, saltData.length, kCCPRFHmacAlgSHA1, 1000, finalKey, Result_Byte_Length);
NSData* keyData = [NSData dataWithBytes:finalKey length:Result_Byte_Length];
NSString *finalString = [NSString string];
for(int i = 0 ; i < Result_Byte_Length ; i++)
{
char c = finalKey[i];
//转换大写的16进制(小写用@"%x")
// %02x 格式控制: 以十六进制输出,2为指定的输出字段的宽度.如果位数小于2,则左端补0
NSString *hexStr = [NSString stringWithFormat:@"%02X", (c) & 0xff];
finalString = [finalString stringByAppendingString:hexStr];
}
NSLog(@"%@",finalString);
return finalString;
}
return @"";
}
//生成256位盐
+ (NSData*)generateSalt256
{
unsigned char salt[32];
for(int i = 0 ; i < 32 ; i++)
{
salt[i] = (unsigned char)arc4random();
}
return [NSData dataWithBytes:salt length:32];
}
可以在线测试在线加密验证
Java或安卓可参考此文章:https://blog.****.net/lsf1025995457/article/details/51737233