Ios 在swift中使用TripleDes和MD5

我有一个使用tripleDes和MD5的java代码算法。下面是我的java代码：

 private String _encrypt(String message, String secretKey) throws Exception {

        MessageDigest md = MessageDigest.getInstance("MD5");
        byte[] digestOfPassword = md.digest(secretKey.getBytes("utf-8"));
        byte[] keyBytes = Arrays.copyOf(digestOfPassword, 16);

        SecretKey key = new SecretKeySpec(keyBytes, "DESede/ECB/PKCS7Padding");
        Cipher cipher = Cipher.getInstance("DESede/ECB/PKCS7Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        byte[] plainTextBytes = message.getBytes("utf-8");


        byte[] buf = cipher.doFinal(plainTextBytes);
        byte [] base64Bytes = Base64.encodeBase64(buf);
        String base64EncryptedString = new String(base64Bytes);

        return base64EncryptedString;
    }

我想在swift中使用tripleDes和MD5，我正在将此java代码转换为swift，但在swift中存在一个问题，因为在java中使用16字节，而swift使用24字节。如何解决java和swift编码之间的差异？ 这是我的swift代码：

    func myEncrypt(encryptData:String) -> String?{

            let myKeyData : NSData = ("Fanava@Wrapper!1395" as NSString).data(using: String.Encoding.utf8.rawValue)! as NSData
            let myRawData : NSData = encryptData.data(using: String.Encoding.utf8)! as NSData


   let mykeydatamd5 = Data(bytes: myKeyData.bytes, count: 24) // this key convert to 24 bytes but does not hash to md5 

  let mykeydatamd5 = Data(bytes: myKeyData.md5().bytes, count: 24) // this line converted key to md5(), 24byte, but it 


            let buffer_size : size_t = myRawData.length + kCCBlockSize3DES
            let buffer = UnsafeMutablePointer<NSData>.allocate(capacity: buffer_size)
            var num_bytes_encrypted : size_t = 0

            let operation: CCOperation = UInt32(kCCEncrypt)
            let algoritm:  CCAlgorithm = UInt32(kCCAlgorithm3DES)
            let options:   CCOptions   = UInt32(kCCOptionECBMode | kCCOptionPKCS7Padding)
            let keyLength        = size_t(kCCKeySize3DES)

            let Crypto_status: CCCryptorStatus =  CCCrypt(operation, algoritm, options, mykeydatamd5.bytes  , keyLength, nil, myRawData.bytes, myRawData.count, buffer, buffer_size, &num_bytes_encrypted)

            if UInt32(Crypto_status) == UInt32(kCCSuccess){

                let myResult: NSData = NSData(bytes: buffer, length: num_bytes_encrypted)

                free(buffer)

                return myResult.base64EncodedString(options: [])
            }else{
                free(buffer)

                return nil
            }
        }

func myEncrypt（encryptData:String）->String{
让myKeyData:NSData=（“Fanava@Wrapper！1395“作为NSString）.数据（使用：String.Encoding.utf8.rawValue）！作为NSData
让myRawData:NSData=encryptData.data（使用：String.Encoding.utf8）！作为NSData
让mykeydatamd5=Data（字节：myKeyData.bytes，计数：24）//此键转换为24字节，但不哈希为md5
让mykeydatamd5=Data（字节：myKeyData.md5（）.bytes，计数：24）//此行将密钥转换为md5（），24字节，但
let buffer_size:size_t=myRawData.length+kCCBlockSize3DES
let buffer=unsafemeutablepointer.allocate（容量：缓冲区大小）
var num\u bytes\u加密：大小\u t=0
let操作：cOperation=UInt32（kCCEncrypt）
let算法：CCAlgorithm=UInt32（kCCAlgorithm3DES）
let选项：CCOptions=UInt32（kCCOptionECBMode | kCCOptionPKCS7Padding）
let keyLength=大小（kCCKeySize3DES）
let Crypto_状态：CCCryptorStatus=CCCrypt（操作、算法、选项、mykeydatamd5.bytes、keyLength、nil、myRawData.bytes、myRawData.count、缓冲区、缓冲区大小和加密字节数）
如果UInt32（加密状态）=UInt32（kCCSuccess）{
让myResult:NSData=NSData（字节：缓冲区，长度：num\u字节\u加密）
空闲（缓冲区）
返回myResult.base64EncodedString（选项：[]）
}否则{
空闲（缓冲区）
归零
}
}

以下是可以轻松修改TrippleDES的示例代码：

从SO文件小节

用于CBC模式下使用随机IV（Swift 3+）的AES加密

iv是加密数据的前缀

aesCBC128Encrypt

将创建一个随机IV，并以加密代码为前缀。

aesCBC128Decrypt

将在解密过程中使用前缀IV

输入是数据，键是数据对象。如果需要，则在调用方法中使用编码形式（如Base64）转换为和/或从

密钥的长度应该正好是128位（16字节）、192位（24字节）或256位（32字节）。如果使用了另一个密钥大小，将抛出一个错误

默认情况下设置

此示例需要通用加密
有必要为项目设置桥接标题：

#导入

将

Security.framework

添加到项目中

这是示例，而不是生产代码

enum AESError: Error {
    case KeyError((String, Int))
    case IVError((String, Int))
    case CryptorError((String, Int))
}

// The iv is prefixed to the encrypted data
func aesCBCEncrypt(data:Data, keyData:Data) throws -> Data {
    let keyLength = keyData.count
    let validKeyLengths = [kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]
    if (validKeyLengths.contains(keyLength) == false) {
        throw AESError.KeyError(("Invalid key length", keyLength))
    }

    let ivSize = kCCBlockSizeAES128;
    let cryptLength = size_t(ivSize + data.count + kCCBlockSizeAES128)
    var cryptData = Data(count:cryptLength)

    let status = cryptData.withUnsafeMutableBytes {ivBytes in
        SecRandomCopyBytes(kSecRandomDefault, kCCBlockSizeAES128, ivBytes)
    }
    if (status != 0) {
        throw AESError.IVError(("IV generation failed", Int(status)))
    }

    var numBytesEncrypted :size_t = 0
    let options   = CCOptions(kCCOptionPKCS7Padding)

    let cryptStatus = cryptData.withUnsafeMutableBytes {cryptBytes in
        data.withUnsafeBytes {dataBytes in
            keyData.withUnsafeBytes {keyBytes in
                CCCrypt(CCOperation(kCCEncrypt),
                        CCAlgorithm(kCCAlgorithmAES),
                        options,
                        keyBytes, keyLength,
                        cryptBytes,
                        dataBytes, data.count,
                        cryptBytes+kCCBlockSizeAES128, cryptLength,
                        &numBytesEncrypted)
            }
        }
    }

    if UInt32(cryptStatus) == UInt32(kCCSuccess) {
        cryptData.count = numBytesEncrypted + ivSize
    }
    else {
        throw AESError.CryptorError(("Encryption failed", Int(cryptStatus)))
    }

    return cryptData;
}

// The iv is prefixed to the encrypted data
func aesCBCDecrypt(data:Data, keyData:Data) throws -> Data? {
    let keyLength = keyData.count
    let validKeyLengths = [kCCKeySizeAES128, kCCKeySizeAES192, kCCKeySizeAES256]
    if (validKeyLengths.contains(keyLength) == false) {
        throw AESError.KeyError(("Invalid key length", keyLength))
    }

    let ivSize = kCCBlockSizeAES128;
    let clearLength = size_t(data.count - ivSize)
    var clearData = Data(count:clearLength)

    var numBytesDecrypted :size_t = 0
    let options   = CCOptions(kCCOptionPKCS7Padding)

    let cryptStatus = clearData.withUnsafeMutableBytes {cryptBytes in
        data.withUnsafeBytes {dataBytes in
            keyData.withUnsafeBytes {keyBytes in
                CCCrypt(CCOperation(kCCDecrypt),
                        CCAlgorithm(kCCAlgorithmAES128),
                        options,
                        keyBytes, keyLength,
                        dataBytes,
                        dataBytes+kCCBlockSizeAES128, clearLength,
                        cryptBytes, clearLength,
                        &numBytesDecrypted)
            }
        }
    }

    if UInt32(cryptStatus) == UInt32(kCCSuccess) {
        clearData.count = numBytesDecrypted
    }
    else {
        throw AESError.CryptorError(("Decryption failed", Int(cryptStatus)))
    }

    return clearData;
}

用法示例：

let clearData = "clearData0123456".data(using:String.Encoding.utf8)!
let keyData   = "keyData890123456".data(using:String.Encoding.utf8)!
print("clearData:   \(clearData as NSData)")
print("keyData:     \(keyData as NSData)")

var cryptData :Data?
do {
    cryptData = try aesCBCEncrypt(data:clearData, keyData:keyData)
    print("cryptData:   \(cryptData! as NSData)")
}
catch (let status) {
    print("Error aesCBCEncrypt: \(status)")
}

let decryptData :Data?
do {
    let decryptData = try aesCBCDecrypt(data:cryptData!, keyData:keyData)
    print("decryptData: \(decryptData! as NSData)")
}
catch (let status) {
    print("Error aesCBCDecrypt: \(status)")
}

let password     = "password"
//let salt       = "saltData".data(using: String.Encoding.utf8)!
let salt         = Data(bytes: [0x73, 0x61, 0x6c, 0x74, 0x44, 0x61, 0x74, 0x61])
let keyByteCount = 16
let rounds       = 100000

let derivedKey = pbkdf2SHA1(password:password, salt:salt, keyByteCount:keyByteCount, rounds:rounds)
print("derivedKey (SHA1): \(derivedKey! as NSData)")

示例输出：

clearData:   <636c6561 72446174 61303132 33343536>
keyData:     <6b657944 61746138 39303132 33343536>
cryptData:   <92c57393 f454d959 5a4d158f 6e1cd3e7 77986ee9 b2970f49 2bafcf1a 8ee9d51a bde49c31 d7780256 71837a61 60fa4be0>
decryptData: <636c6561 72446174 61303132 33343536>

derivedKey (SHA1): <6b9d4fa3 0385d128 f6d196ee 3f1d6dbf>

用法示例：

let clearData = "clearData0123456".data(using:String.Encoding.utf8)!
let keyData   = "keyData890123456".data(using:String.Encoding.utf8)!
print("clearData:   \(clearData as NSData)")
print("keyData:     \(keyData as NSData)")

var cryptData :Data?
do {
    cryptData = try aesCBCEncrypt(data:clearData, keyData:keyData)
    print("cryptData:   \(cryptData! as NSData)")
}
catch (let status) {
    print("Error aesCBCEncrypt: \(status)")
}

let decryptData :Data?
do {
    let decryptData = try aesCBCDecrypt(data:cryptData!, keyData:keyData)
    print("decryptData: \(decryptData! as NSData)")
}
catch (let status) {
    print("Error aesCBCDecrypt: \(status)")
}

let password     = "password"
//let salt       = "saltData".data(using: String.Encoding.utf8)!
let salt         = Data(bytes: [0x73, 0x61, 0x6c, 0x74, 0x44, 0x61, 0x74, 0x61])
let keyByteCount = 16
let rounds       = 100000

let derivedKey = pbkdf2SHA1(password:password, salt:salt, keyByteCount:keyByteCount, rounds:rounds)
print("derivedKey (SHA1): \(derivedKey! as NSData)")

示例输出：

clearData:   <636c6561 72446174 61303132 33343536>
keyData:     <6b657944 61746138 39303132 33343536>
cryptData:   <92c57393 f454d959 5a4d158f 6e1cd3e7 77986ee9 b2970f49 2bafcf1a 8ee9d51a bde49c31 d7780256 71837a61 60fa4be0>
decryptData: <636c6561 72446174 61303132 33343536>

derivedKey (SHA1): <6b9d4fa3 0385d128 f6d196ee 3f1d6dbf>

derivedKey（SHA1）：

这是非常不安全的，原因有几个。1.新工作中不应使用3DES，应使用AES。2.不要使用ECB模式，这是不安全的，请参阅，向下滚动到企鹅模式。取而代之的是将CBC模式与随机IV一起使用，只需在加密数据前加上IV前缀，以用于解密。3.不要使用MD5从密码中派生密钥，请使用PBKDF2（基于密码的密钥派生函数2）和一个大约需要100ms的舍入值。@zaph感谢您的回复，但我不得不使用tripleDes和MD5，因为我们发送数据的服务器，只要接受tripleDes和MD5，我就不能再使用其他任何东西了。好吧，但遗憾的是服务器实现不安全，是用户处于风险之中，这是不可接受的。尝试使用JavaKey=”Fanava@Wrapper！1“和iOSKey=”Fanava@Wrapper!1Fanava@W“您好@ava正在检查您的查询是否已解决。