0

hi guys i'm pretty new in obj-c world and i would like know how can I encrypt a string in des? I already tried search but could not find any sample code that could help me the only thing I realized is that there is a class commonCrypt to do what I want but I do not know how to use it

my code

NSString* key = @"abc43HU0";
NSString *token = @"hellohello";


const void *vplainText;
size_t plainTextBufferSize;

plainTextBufferSize = [token length];
vplainText = (const void *) [token UTF8String];

CCCryptorStatus ccStatus;
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t *movedBytes = NULL;

bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);
// memset((void *) iv, 0x0, (size_t) sizeof(iv));


//NSString *initVec = @"init Vec";
const void *vkey = (const void *) [key UTF8String];
const void *vinitVec = (const void *) [key UTF8String];

ccStatus = CCCrypt(kCCEncrypt,
                   kCCAlgorithmDES,
                   kCCModeCBC,
                   vkey, //"123456789012345678901234", //key
                   kCCKeySizeDES,
                   vinitVec,// vinitVec, //"init Vec", //iv,
                   vplainText, //"Your Name", //plainText,
                   plainTextBufferSize,
                   (void *)bufferPtr,
                   bufferPtrSize,
                   movedBytes);

NSString *result;
NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];

result = [myData base64encoding;

crypt_result.text = myData;
user1001635
  • 3,262
  • 3
  • 16
  • 17
  • The classic comment on a classic question: what have you tried? Besides that, you should not encrypt in DES anymore, it's slow and insecure. – Maarten Bodewes Jul 07 '12 at 18:19
  • i tried to follow this example http://stackoverflow.com/questions/2512184/how-to-encrypt-an-nsstring-in-objective-c-with-des-in-ecb-mode but xcode alert me with this error 'No visible @interface for 'NSData' declares the selector 'base64encoding'' at line 'result = [myData base64encoding;' – user1001635 Jul 07 '12 at 20:42
  • No integrity checks, an effective keysize of 56 bit and ECB mode encryption to top it off. That's fine to learn the first steps of encryption, but it is *totally completely insecure*. So much so that you might as well ask the Romans to do the encryption for you. – Maarten Bodewes Jul 08 '12 at 01:09
  • I know it's unsafe but my application needs to communicate with a back-end application that uses this algorithm to encrypt the information, I have already noted that it is unsafe but no one has changed yet, and until then I will have to use the DES – user1001635 Jul 08 '12 at 09:23
  • now base64encoding don't give me a error but i receive nil result because mydata is nil, i think some parameter in CCCrypt are wrong any help for solve this? – user1001635 Jul 09 '12 at 08:31
  • Try to explicitly define the PKCS#5 or PKCS#7 padding mechanism. If you don't, CCCrypt expects exactly N blocks of [blocksize= 8] bytes. So if [plaintext length] % 8 is different than 0 you won't get a result (check your ccStatus!) – Maarten Bodewes Jul 09 '12 at 11:42

2 Answers2

2

this is the working code:

NSString* key = @"abc43HU0";
NSString *token = @"hellohello";

const void *vplainText;
size_t plainTextBufferSize = [token length];
vplainText = (const void *) [token UTF8String];    
CCCryptorStatus ccStatus;
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t movedBytes = 0;

bufferPtrSize = (plainTextBufferSize + kCCBlockSizeDES) & ~(kCCBlockSizeDES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);

Byte iv [] = {0x65, 0x110, 0x68, 0x26, 0x69, 0x178, 0x200, 0x219};

const void *vkey = (const void *) [key UTF8String];

ccStatus = CCCrypt(kCCEncrypt,
                   kCCAlgorithmDES,
                   kCCOptionPKCS7Padding,
                   vkey, 
                   kCCKeySizeDES,
                   iv,
                   vplainText,
                   plainTextBufferSize,
                   (void *)bufferPtr,
                   bufferPtrSize,
                   &movedBytes);

NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];
NSString* result = [base64 base64EncodeData:myData];//my own method to encoding with base64
user1001635
  • 3,262
  • 3
  • 16
  • 17
0

Try kCCOptionPKCS7Padding | kCCModeCBC for ccOptions parameter.

Maarten Bodewes
  • 90,524
  • 13
  • 150
  • 263
  • Exclusive OR? I don't think I've ever seen it used like this. Are you sure you don't mean OR `|`? – trojanfoe Jul 09 '12 at 12:08
  • @trojanfoe Yeah, `|` could be used too, but as the bits mask should not contain any bits on the same index anyway, you might as well use `^`. `|` is more clear to the reader though, so use that. (didn't you know that all cryptographers can do is XOR?) – Maarten Bodewes Jul 09 '12 at 12:15
  • So you could use OR or Exclusive OR? Sorry, I don't think you are right. If you want to clear bits you use *the inverse of the AND operation*; i.e. `kCCOptionPKCS7Padding & ~kCCModeCBC`. – trojanfoe Jul 09 '12 at 12:24
  • @trojanfoe say you have one constant `0001` binary (using bit index 0) and another constant `0010` binary (using bit index 1) then `0001 ^ 0010 == 0001 | 0010 == 0011`. The bits should be separate (different indices) if you have different options. – Maarten Bodewes Jul 09 '12 at 12:47
  • Yes you get the same result but you have to *know* what the values are; what happens when you want to use different options? You have to check that XOR gives you the right value rather than just knowing it will when using OR. – trojanfoe Jul 09 '12 at 12:49
  • @trojanfoe that will only happen if the options are disseparate, and one option implies that the other will be set. You don't need to know the values, if this isn't the case. Note that this is the *bitwise* XOR, not the *logical* XOR. – Maarten Bodewes Jul 09 '12 at 12:53