Skip to content

Instantly share code, notes, and snippets.

@falcon11
Created November 9, 2020 02:31
Show Gist options
  • Save falcon11/a2c921e37c9ab652096166d2c268f243 to your computer and use it in GitHub Desktop.
Save falcon11/a2c921e37c9ab652096166d2c268f243 to your computer and use it in GitHub Desktop.
Objective-C AES/GCM/NoPadding crypto
// pod 'AesGcm'
#import <AesGcm/IAGAesGcm.h>
// replace with your own key, base64 encoding
static NSString * const AES_GCM_KEY = @"MTIzNDU2Nzg5MGFiY2RlZg==";
- (NSString *)encryptString:(NSString *)text {
NSData *key = [[NSData alloc] initWithBase64EncodedString:AES_GCM_KEY options:NSDataBase64DecodingIgnoreUnknownCharacters];
NSData *iv = [self randomKeyDataGeneratorWithNumberBits:96];
NSData *aad = [NSData data];
NSData *plainData = [text dataUsingEncoding:NSUTF8StringEncoding];
// when
IAGCipheredData *cipheredData = [IAGAesGcm cipheredDataByAuthenticatedEncryptingPlainData:plainData
withAdditionalAuthenticatedData:aad
authenticationTagLength:IAGAuthenticationTagLength128
initializationVector:iv
key:key
error:nil];
// then
NSData *cipheredBuffer = [NSData dataWithBytes:cipheredData.cipheredBuffer
length:cipheredData.cipheredBufferLength];
NSData *extraBuffer = [NSData dataWithBytes:cipheredData.authenticationTag
length:cipheredData.authenticationTagLength];
NSMutableData *fullBuffer = [[NSMutableData alloc] initWithData:iv];
[fullBuffer appendData:cipheredBuffer];
[fullBuffer appendData:extraBuffer];
NSString *ciphertext = [fullBuffer base64EncodedStringWithOptions:0];
return ciphertext;
}
- (NSString *)decryptString:(NSString *)encryptedString {
// given
NSData *key = [[NSData alloc] initWithBase64EncodedString:AES_GCM_KEY options:NSDataBase64DecodingIgnoreUnknownCharacters];
NSData *aad = [NSData data];
NSData *encryptedData = [[NSData alloc] initWithBase64EncodedString:encryptedString options:NSDataBase64DecodingIgnoreUnknownCharacters];
NSData *iv = [encryptedData subdataWithRange:NSMakeRange(0, 12)];
NSData *ciphertext = [encryptedData subdataWithRange:NSMakeRange(12, encryptedData.length - 12 - 16)];
NSData *authTag = [encryptedData subdataWithRange:NSMakeRange(encryptedData.length - 16, 16)];
IAGCipheredData *cipheredData = [[IAGCipheredData alloc] initWithCipheredBuffer:ciphertext.bytes
cipheredBufferLength:ciphertext.length
authenticationTag:authTag.bytes
authenticationTagLength:authTag.length];
// when
NSData *plainData = [IAGAesGcm plainDataByAuthenticatedDecryptingCipheredData:cipheredData
withAdditionalAuthenticatedData:aad
initializationVector:iv
key:key
error:nil];
// then
NSString *plainText = [[NSString alloc] initWithData:plainData encoding:NSUTF8StringEncoding];
return plainText;
}
/*!
* @brief Generates NSData from a randomly generated byte array with a specific number of bits
* @param numberOfBits the number of bits the generated data must have
* @return the randomly generated NSData
*/
- (NSData *)randomKeyDataGeneratorWithNumberBits:(int)numberOfBits {
int numberOfBytes = numberOfBits/8;
uint8_t randomBytes[numberOfBytes];
int result = SecRandomCopyBytes(kSecRandomDefault, numberOfBytes, randomBytes);
if(result == 0) {
return [NSData dataWithBytes:randomBytes length:numberOfBytes];
} else {
return nil;
}
}
@timothy-20
Copy link

awesome:)

@xiaoxiaotudou
Copy link

when string is so large, the lib will crash

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment