//
// ViewController.m
// IOS_0129_HTTP请求
//
// Created by ma c on 16/1/29.
// Copyright © 2016年 博文科技. All rights reserved.
// #import "ViewController.h"
#import "MBProgressHUD+MJ.h"
#import "NSString+Hash.h" @interface ViewController ()
@property (weak, nonatomic) IBOutlet UITextField *textName;
@property (weak, nonatomic) IBOutlet UITextField *textPassword; - (IBAction)btnlogin; @end @implementation ViewController /* 网络安全
1.常见加密算法
MD5\SHA\DES\3DES\RC2和RC4\RSA\IDEA\DSA\AES
2.加密算法的选择
一般公司都有自己的加密方案,按照公司的接口文档的规定去加密
3.MD5
1>全称:“Message Digest Algorithem5”,译为“消息摘要算法第五版”
2>效果:对输入信息生成唯一的128位散列值(32个字符)
3>特点:
a.输入两个不同的明文不会得到两个相同的输出值
b.根据输出值,不会得到原始的明文,即其过程不可逆
4>应用
a.MD5加密算法有较好的安全性,而且免费,因此该加密算法被广泛应用
b.主要运用在数字签名、文件完整性验证以及口令加密等方面
5>MD5解密网站:http://www.cmd5.com 2.网络数据加密
1>加密对象:隐私数据,比如密码,银行信息
2>加密方案
a.提交隐私数据必须用POST请求
b.使用加密算法对隐私数据进行加密,比如MD5
3>加密增强:加大破解难度
a.对明文进行两个MD5加密:MD5(MD5($pass))
b.先对明文进行撒盐,在进行MD5加密:MD5($pass.$salt) 3.本地存储加密
1>加密对象:重要数据,比如单击游戏数据 4.代码安全问题
1>现在已经有工具和技术能反编译出源代码:逆向工程
2>问题:现在反编译出来的都是C语言代码,可读性不高
3>优点:最起码能知道源代码里面用的是那些框架 ->指导我们开发不了解的软件
4>解决方案:混淆代码 */ - (void)viewDidLoad {
[super viewDidLoad]; self.view.backgroundColor = [UIColor groupTableViewBackgroundColor];
} - (void)touchesBegan:(NSSet<UITouch *> *)touches withEvent:(UIEvent *)event
{
[self.view endEditing:YES];
} - (IBAction)btnlogin { NSString *usernameText = self.textName.text;
if (usernameText.length == ) {
[MBProgressHUD showError:@"请输入账号"];
return;
} self.textPassword.secureTextEntry = YES;
NSString *password = self.textPassword.text;
if (password.length == ) {
[MBProgressHUD showError:@"请输入密码"];
return;
}
// 增加蒙板
[MBProgressHUD showMessage:@"正在拼命加载..."]; //2.POST请求
NSString *strURL = @"http://localhost:8080/MJServer/login";
NSURL *url = [NSURL URLWithString:strURL];
NSMutableURLRequest *request = [NSMutableURLRequest requestWithURL:url]; //5s后请求超时(默认60s超时)
request.timeoutInterval = ;
//设置请求方式
request.HTTPMethod = @"POST";
//设置请求头
[request setValue:@"iPhone6" forHTTPHeaderField:@"User-Agent"];
//对密码进行加密
password = [self doubleMD5:password];
password = [self MD5Salt:password];
password = [self MD5Reorder:password];
//设置请求体
NSString *param = [NSString stringWithFormat:@"username=%@&pwd=%@",usernameText,password];
//NSString -> NSData
request.HTTPBody = [param dataUsingEncoding:NSUTF8StringEncoding]; //异步请求
[self sendAsyncWithRequest:request]; }
//异步请求
- (void)sendAsyncWithRequest:(NSURLRequest *)request
{
NSOperationQueue *queue = [NSOperationQueue mainQueue]; [NSURLConnection sendAsynchronousRequest:request queue:queue completionHandler:^(NSURLResponse * _Nullable response, NSData * _Nullable data, NSError * _Nullable connectionError) { //隐藏蒙版
[MBProgressHUD hideHUD];
NSHTTPURLResponse *resp = (NSHTTPURLResponse *)response;
NSString *msg = [NSHTTPURLResponse localizedStringForStatusCode:resp.statusCode];
NSLog(@"%ld %@ %@",resp.statusCode, msg, resp.allHeaderFields); //这个block会在请求完毕的时候自动调用
if (connectionError || data == nil) {
[MBProgressHUD showError:@"请求失败"];
return;
}
//解析服务器返回的JSON数据
NSDictionary *dict = [NSJSONSerialization JSONObjectWithData:data options:NSJSONReadingMutableLeaves error:nil];
NSString *error = dict[@"error"];
if (error) {
[MBProgressHUD showError:error];
}
else{
NSString *success = dict[@"success"];
[MBProgressHUD showSuccess:success];
}
}];
} ///两次加密
- (NSString *)doubleMD5:(NSString *)text
{
return [[text md5String] md5String];
} ///先撒盐,在进行MD5加密
- (NSString *)MD5Salt:(NSString *)text
{
NSString *salt = [text stringByAppendingString:@"abc"];
return [salt md5String];
}
///先加密,后乱序
- (NSString *)MD5Reorder:(NSString *)text
{
//加密
NSString *pwd = [text md5String]; NSString *prefix = [pwd substringFromIndex:];
NSString *subfix = [pwd substringToIndex:]; //乱序
NSString *result = [prefix stringByAppendingString:subfix]; return result;
} @end