How to encrypt a nsstring and store it in a file, and how to decrypt the same.
Please suggest me wat api's i shld use...
1
-
Perhaps you should specify what your target platform is. Are you doing this on the iPhone? On Mac OS X? cough GNUstep ?dreamlax– dreamlax2010-01-07 02:48:26 +00:00Commented Jan 7, 2010 at 2:48
Add a comment
|
5 Answers
This is the function i used for encryptiong.
DES_cfb64_encrypt( ( unsigned char * ) pchInputData, ( unsigned char * ) pchOutCipher, size, &schedule, &ParityKey, &no, DES_ENCRYPT );
I had to convert this to base64 so that i can store it in a file.
pstrResult = Base64encoding(size,( unsigned char * )pchOutCipher);
Comments
You can use gpgme
Comments
If you only need to support 10.5 or higher you can use the CommonCryptor API. The first comment to this post shows an example category for encrypting/decrypting NSData's:
http://iphonedevelopment.blogspot.com/2009/02/strong-encryption-for-cocoa-cocoa-touch.html
Comments
While not an API call, you could implement a simple XOR cipher. This is quick and simple to implement and depending on the characteristics of your string (i.e. if it is of fixed length) can be very secure. If you have a variable length string XOR encryption may not be secure enough depending on your needs. Have a look at the Wikipedia article.
7 Comments
dreamlax
XOR ciphers are NEVER secure. It is an obfuscation that is easily and trivially reversed.
mikecsh
Perhaps I'm mistaken but I was under the impressions that using a unique key of equal length to the data to be encrypted was theoretically unbreakable, effectively a 'one time pad'. Using a short, repeating key is indeed trivially reversed.
dreamlax
All you need to do to break an XOR cipher is to disassemble the binary and look for a loop that XORs over the same length as the password (or over any fixed length of data). Then, you have not just the password, but also the cipher. This can be done using a number of techniques, including the use of profiling tools that measure the use of the XOR CPU instruction in the same region in memory that the data on the disk was loaded into. It doesn't matter if the password was right or wrong, you will end up with the cipher, and once you have the cipher you can recover the plaintext.
dreamlax
Again, if you put in any arbitrary plaintext, you can monitor the memory location of the deciphering and watch how it is transformed by the XOR loop. Since the key is symmetric, you just have to XOR again but this time you XOR your result with the same plaintext that you provided before. Now you have the cipher, and you can decipher the ciphertext.
dreamlax
Another problem with XOR is that if you already know part of the password, then you already know part of the cipher.
|
If you are storing a password first decide whether or not you need to re-use the password or whether you just need to check that the user has entered the correct password.
If you just need to verify that the user has entered the correct password, then store the password using a hash, and compare the hash of the user input with the hash you have stored. If both hashes are equal, then the user has [probably] typed it correctly. See more information about hashes at Wikipedia.
If you need to re-use the password (i.e. for authenticating with other services, such as connecting to an Internet service), use Apple's Keychain service. If you are targeting the iPhone, then check out this related document.
