Last active
February 28, 2020 07:46
-
-
Save sfider/3072633 to your computer and use it in GitHub Desktop.
Objective-C macro for hiding (encrypting) strings in compiled binaries.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // LOOCryptString.h | |
| // | |
| // Created by Marcin Swiderski on 6/8/12. | |
| // Copyright (c) 2012 Marcin Swiderski. All rights reserved. | |
| // | |
| // This software is provided 'as-is', without any express or implied | |
| // warranty. In no event will the authors be held liable for any damages | |
| // arising from the use of this software. | |
| // | |
| // Permission is granted to anyone to use this software for any purpose, | |
| // including commercial applications, and to alter it and redistribute it | |
| // freely, subject to the following restrictions: | |
| // | |
| // 1. The origin of this software must not be misrepresented; you must not | |
| // claim that you wrote the original software. If you use this software | |
| // in a product, an acknowledgment in the product documentation would be | |
| // appreciated but is not required. | |
| // 2. Altered source versions must be plainly marked as such, and must not be | |
| // misrepresented as being the original software. | |
| // 3. This notice may not be removed or altered from any source distribution. | |
| // | |
| // | |
| // USAGE: To hide the string you just have to surround it with a macro like this: | |
| // | |
| // NSString *secret = LOO_CRYPT_STR_N("A7LZ14F88Y", 10); | |
| // | |
| // Remember to use C-sting, because NSString literals cannot be processed in compile time. | |
| // | |
| // IMPORTANT: Works with -Os (Fastest, Smallest) optimization level. | |
| // __str - C-string. | |
| // __n - Number of characters in string (without trailing \0 character). | |
| #define LOO_CRYPT_STR_N(__str, __n) LOODecrypStrN((const unsigned char []){ LOO_ENCRYPT_STR_TO_CHAR_##__n(__str) }, __n + 1) | |
| // This is not very good encryption macro. You should change it for something stronger probably. | |
| #define LOO_ENCRYPT_STR_CHAR_AT(__str, __i) ((unsigned char)(__str[__i]) ^ 0xFF) | |
| // This must match LOO_ENCRYPT_STR_CHAR_AT. | |
| NSString *LOODecrypStrN(const unsigned char encStr[], size_t n); | |
| #define LOO_ENCRYPT_STR_TO_CHAR_0(__str) LOO_ENCRYPT_STR_CHAR_AT(__str, 0) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_1(__str) LOO_ENCRYPT_STR_TO_CHAR_0(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 1) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_2(__str) LOO_ENCRYPT_STR_TO_CHAR_1(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 2) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_3(__str) LOO_ENCRYPT_STR_TO_CHAR_2(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 3) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_4(__str) LOO_ENCRYPT_STR_TO_CHAR_3(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 4) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_5(__str) LOO_ENCRYPT_STR_TO_CHAR_4(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 5) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_6(__str) LOO_ENCRYPT_STR_TO_CHAR_5(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 6) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_7(__str) LOO_ENCRYPT_STR_TO_CHAR_6(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 7) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_8(__str) LOO_ENCRYPT_STR_TO_CHAR_7(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 8) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_9(__str) LOO_ENCRYPT_STR_TO_CHAR_8(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 9) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_10(__str) LOO_ENCRYPT_STR_TO_CHAR_9(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 10) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_11(__str) LOO_ENCRYPT_STR_TO_CHAR_10(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 11) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_12(__str) LOO_ENCRYPT_STR_TO_CHAR_11(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 12) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_13(__str) LOO_ENCRYPT_STR_TO_CHAR_12(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 13) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_14(__str) LOO_ENCRYPT_STR_TO_CHAR_13(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 14) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_15(__str) LOO_ENCRYPT_STR_TO_CHAR_14(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 15) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_16(__str) LOO_ENCRYPT_STR_TO_CHAR_15(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 16) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_17(__str) LOO_ENCRYPT_STR_TO_CHAR_16(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 17) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_18(__str) LOO_ENCRYPT_STR_TO_CHAR_17(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 18) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_19(__str) LOO_ENCRYPT_STR_TO_CHAR_18(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 19) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_20(__str) LOO_ENCRYPT_STR_TO_CHAR_19(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 20) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_21(__str) LOO_ENCRYPT_STR_TO_CHAR_20(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 21) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_22(__str) LOO_ENCRYPT_STR_TO_CHAR_21(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 22) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_23(__str) LOO_ENCRYPT_STR_TO_CHAR_22(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 23) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_24(__str) LOO_ENCRYPT_STR_TO_CHAR_23(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 24) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_25(__str) LOO_ENCRYPT_STR_TO_CHAR_24(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 25) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_26(__str) LOO_ENCRYPT_STR_TO_CHAR_25(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 26) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_27(__str) LOO_ENCRYPT_STR_TO_CHAR_26(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 27) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_28(__str) LOO_ENCRYPT_STR_TO_CHAR_27(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 28) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_29(__str) LOO_ENCRYPT_STR_TO_CHAR_28(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 29) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_30(__str) LOO_ENCRYPT_STR_TO_CHAR_29(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 30) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_31(__str) LOO_ENCRYPT_STR_TO_CHAR_30(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 31) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_32(__str) LOO_ENCRYPT_STR_TO_CHAR_31(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 32) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_33(__str) LOO_ENCRYPT_STR_TO_CHAR_32(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 33) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_34(__str) LOO_ENCRYPT_STR_TO_CHAR_33(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 34) | |
| #define LOO_ENCRYPT_STR_TO_CHAR_35(__str) LOO_ENCRYPT_STR_TO_CHAR_34(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 35) | |
| // Need more? Type (or better automatically generate) it yourself ;) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // | |
| // LOOCryptString.m | |
| // | |
| // Created by Marcin Swiderski on 6/8/12. | |
| // Copyright (c) 2012 Marcin Swiderski. All rights reserved. | |
| // | |
| // This software is provided 'as-is', without any express or implied | |
| // warranty. In no event will the authors be held liable for any damages | |
| // arising from the use of this software. | |
| // | |
| // Permission is granted to anyone to use this software for any purpose, | |
| // including commercial applications, and to alter it and redistribute it | |
| // freely, subject to the following restrictions: | |
| // | |
| // 1. The origin of this software must not be misrepresented; you must not | |
| // claim that you wrote the original software. If you use this software | |
| // in a product, an acknowledgment in the product documentation would be | |
| // appreciated but is not required. | |
| // 2. Altered source versions must be plainly marked as such, and must not be | |
| // misrepresented as being the original software. | |
| // 3. This notice may not be removed or altered from any source distribution. | |
| // | |
| #import "LOOCryptString.h" | |
| NSString *LOODecrypStrN(const unsigned char encStr[], size_t n) { | |
| char *buf = [[NSMutableData dataWithLength:n] mutableBytes]; | |
| for (NSInteger i = 0; i != n; ++i) { | |
| buf[i] = encStr[i] ^ 0xFF; | |
| } | |
| return [NSString stringWithCString:buf encoding:NSASCIIStringEncoding]; | |
| } |
I think the problem is that there is a typo on line 37 at "_str".
Great!
I think the
char *buf = [[NSMutableData dataWithLength:n] mutableBytes];
should be
char *buf = [[NSMutableData dataWithLength:n + 1] mutableBytes];
I think this is broken, I just did a test project and added this to my main
NSString *secret = LOO_CRYPT_STR_N("MYSECRET", 8);
and when I run strings on my binary it's right at the top.
Never mind... I was doing debug build. Sorry, but I will add this. please add
#import <Foundation/Foundation.h>
#include "stdlib.h
to the .h file.
Hello, I am looking for a way to make sure that my clients are only communicating to my server through my macOS app. My idea is to use the code above to hide a large string and then POST this to my server over https which also knows this large string. Is this a good way to do this or is it likely that the output of LOODecrypStrN will be accessible when passed to an NSDictionary at upload or another time?
for i in `seq 255` ; do echo "#define LOO_ENCRYPT_STR_TO_CHAR_${i}(__str) LOO_ENCRYPT_STR_TO_CHAR_`expr $i - 1`(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, $i)" ; done
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Thank you for posting this. I have no previous experience with macros and think I'm doing something wrong. I get "Use of undeclared identifier '_str'" when compiling at NSString *secret = LOO_CRYPT_STR_N("A7LZ14F88Y", 10); -- 11 times :)