我从Bruce Schneier的网站上获得了Paul Kocher的实现.以下是加密方法的外观:
#define PADDING_PHRASE @" "
#import "CryptoUtilities.h"
#import "blowfish.h"
#import "NSData+Base64Utilities.h"
@implementation CryptoUtilities
+ (NSString *)blowfishEncrypt:(NSData *)messageData usingKey:(NSData *)secretKey
{
NSMutableData *dataToEncrypt = [messageData mutableCopy];
if ([dataToEncrypt length] % 8) {
NSMutableData *emptyData = [[PADDING_PHRASE dataUsingEncoding:NSUTF8StringEncoding] mutableCopy];
emptyData.length = 8 - [dataToEncrypt length] % 8;
[dataToEncrypt appendData:emptyData];
}
// Here we have data ready to encipher
BLOWFISH_CTX ctx;
Blowfish_Init (&ctx, (unsigned char*)[secretKey bytes], [secretKey length]);
NSRange aLeftRange, aRightRange;
NSData *aLeftBox, *aRightBox;
unsigned long dl = 0, dr = 0;
for (int i = 0; i < [dataToEncrypt length]; i += 8) { // Divide data into octets...
// …and then into quartets
aLeftRange = NSMakeRange(i, 4);
aRightRange = NSMakeRange(i + 4, 4);
aLeftBox = [dataToEncrypt subdataWithRange:aLeftRange];
aRightBox = [dataToEncrypt subdataWithRange:aRightRange];
// Convert bytes into unsigned long
[aLeftBox getBytes:&dl length:sizeof(unsigned long)];
[aRightBox getBytes:&dr length:sizeof(unsigned long)];
// Encipher
Blowfish_Encrypt(&ctx, &dl, &dr);
// Put bytes back
[dataToEncrypt replaceBytesInRange:aLeftRange withBytes:&dl];
[dataToEncrypt replaceBytesInRange:aRightRange withBytes:&dr];
}
return [dataToEncrypt getBase64String];
}
我不是很擅长C,但似乎我的实现工作正常.解密你只需要重复相同的步骤,但不是Blowfish_Encrypt你需要调用Blowfish_Decrypt.
这是一个源代码(我假设您只是解密密文,但不在这里处理填充):
+ (NSData *)blowfishDecrypt:(NSData *)messageData usingKey:(NSData *)secretKeyData
{
NSMutableData *decryptedData = [messageData mutableCopy];
BLOWFISH_CTX ctx;
Blowfish_Init (&ctx, (unsigned char*)[secretKeyData bytes], [secretKeyData length]);
NSRange aLeftRange, aRightRange;
NSData *aLeftBox, *aRightBox;
unsigned long dl = 0, dr = 0;
for (int i = 0; i< [decryptedData length]; i += 8) { // Divide data into octets...
// …and then into quartets
aLeftRange = NSMakeRange(i, 4);
aRightRange = NSMakeRange(i + 4, 4);
aLeftBox = [decryptedData subdataWithRange:aLeftRange];
aRightBox = [decryptedData subdataWithRange:aRightRange];
// Convert bytes into unsigned long
[aLeftBox getBytes:&dl length:sizeof(unsigned long)];
[aRightBox getBytes:&dr length:sizeof(unsigned long)];
// Decipher
Blowfish_Decrypt(&ctx, &dl, &dr);
// Put bytes back
[decryptedData replaceBytesInRange:aLeftRange withBytes:&dl];
[decryptedData replaceBytesInRange:aRightRange withBytes:&dr];
}
return decryptedData;
}
您可能希望返回纯字节或Base64字符串.对于最后一种情况,我有一个类别,它添加了一个初始化器,它使用Base64字符串和一个方法初始化NSData对象,该方法允许从NSData获取Base64字符串.
您还应该考虑使用PADDING_PHRASE,例如,如果您不仅要添加几个空格,而是添加一些随机字节,该怎么办?在这种情况下,您应该以某种方式发送填充长度.
更新:实际上,您不应在进程中使用PADDING_PRASE.相反,您应该使用Wikipedia页面上描述的块密码的标准算法之一
| 归档时间: |
|
| 查看次数: |
5655 次 |
| 最近记录: |