Create a gist now

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Objective-C macro for hiding (encrypting) strings in compiled binaries.
//
// LOOCryptString.h
//
// Created by Marcin Swiderski on 6/8/12.
// Copyright (c) 2012 Marcin Swiderski. All rights reserved.
//
// This software is provided 'as-is', without any express or implied
// warranty. In no event will the authors be held liable for any damages
// arising from the use of this software.
//
// Permission is granted to anyone to use this software for any purpose,
// including commercial applications, and to alter it and redistribute it
// freely, subject to the following restrictions:
//
// 1. The origin of this software must not be misrepresented; you must not
// claim that you wrote the original software. If you use this software
// in a product, an acknowledgment in the product documentation would be
// appreciated but is not required.
// 2. Altered source versions must be plainly marked as such, and must not be
// misrepresented as being the original software.
// 3. This notice may not be removed or altered from any source distribution.
//
//
// USAGE: To hide the string you just have to surround it with a macro like this:
//
// NSString *secret = LOO_CRYPT_STR_N("A7LZ14F88Y", 10);
//
// Remember to use C-sting, because NSString literals cannot be processed in compile time.
//
// IMPORTANT: Works with -Os (Fastest, Smallest) optimization level.
// __str - C-string.
// __n - Number of characters in string (without trailing \0 character).
#define LOO_CRYPT_STR_N(__str, __n) LOODecrypStrN((const unsigned char []){ LOO_ENCRYPT_STR_TO_CHAR_##__n(__str) }, __n + 1)
// This is not very good encryption macro. You should change it for something stronger probably.
#define LOO_ENCRYPT_STR_CHAR_AT(__str, __i) ((unsigned char)(__str[__i]) ^ 0xFF)
// This must match LOO_ENCRYPT_STR_CHAR_AT.
NSString *LOODecrypStrN(const unsigned char encStr[], size_t n);
#define LOO_ENCRYPT_STR_TO_CHAR_0(__str) LOO_ENCRYPT_STR_CHAR_AT(__str, 0)
#define LOO_ENCRYPT_STR_TO_CHAR_1(__str) LOO_ENCRYPT_STR_TO_CHAR_0(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 1)
#define LOO_ENCRYPT_STR_TO_CHAR_2(__str) LOO_ENCRYPT_STR_TO_CHAR_1(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 2)
#define LOO_ENCRYPT_STR_TO_CHAR_3(__str) LOO_ENCRYPT_STR_TO_CHAR_2(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 3)
#define LOO_ENCRYPT_STR_TO_CHAR_4(__str) LOO_ENCRYPT_STR_TO_CHAR_3(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 4)
#define LOO_ENCRYPT_STR_TO_CHAR_5(__str) LOO_ENCRYPT_STR_TO_CHAR_4(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 5)
#define LOO_ENCRYPT_STR_TO_CHAR_6(__str) LOO_ENCRYPT_STR_TO_CHAR_5(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 6)
#define LOO_ENCRYPT_STR_TO_CHAR_7(__str) LOO_ENCRYPT_STR_TO_CHAR_6(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 7)
#define LOO_ENCRYPT_STR_TO_CHAR_8(__str) LOO_ENCRYPT_STR_TO_CHAR_7(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 8)
#define LOO_ENCRYPT_STR_TO_CHAR_9(__str) LOO_ENCRYPT_STR_TO_CHAR_8(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 9)
#define LOO_ENCRYPT_STR_TO_CHAR_10(__str) LOO_ENCRYPT_STR_TO_CHAR_9(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 10)
#define LOO_ENCRYPT_STR_TO_CHAR_11(__str) LOO_ENCRYPT_STR_TO_CHAR_10(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 11)
#define LOO_ENCRYPT_STR_TO_CHAR_12(__str) LOO_ENCRYPT_STR_TO_CHAR_11(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 12)
#define LOO_ENCRYPT_STR_TO_CHAR_13(__str) LOO_ENCRYPT_STR_TO_CHAR_12(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 13)
#define LOO_ENCRYPT_STR_TO_CHAR_14(__str) LOO_ENCRYPT_STR_TO_CHAR_13(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 14)
#define LOO_ENCRYPT_STR_TO_CHAR_15(__str) LOO_ENCRYPT_STR_TO_CHAR_14(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 15)
#define LOO_ENCRYPT_STR_TO_CHAR_16(__str) LOO_ENCRYPT_STR_TO_CHAR_15(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 16)
#define LOO_ENCRYPT_STR_TO_CHAR_17(__str) LOO_ENCRYPT_STR_TO_CHAR_16(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 17)
#define LOO_ENCRYPT_STR_TO_CHAR_18(__str) LOO_ENCRYPT_STR_TO_CHAR_17(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 18)
#define LOO_ENCRYPT_STR_TO_CHAR_19(__str) LOO_ENCRYPT_STR_TO_CHAR_18(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 19)
#define LOO_ENCRYPT_STR_TO_CHAR_20(__str) LOO_ENCRYPT_STR_TO_CHAR_19(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 20)
#define LOO_ENCRYPT_STR_TO_CHAR_21(__str) LOO_ENCRYPT_STR_TO_CHAR_20(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 21)
#define LOO_ENCRYPT_STR_TO_CHAR_22(__str) LOO_ENCRYPT_STR_TO_CHAR_21(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 22)
#define LOO_ENCRYPT_STR_TO_CHAR_23(__str) LOO_ENCRYPT_STR_TO_CHAR_22(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 23)
#define LOO_ENCRYPT_STR_TO_CHAR_24(__str) LOO_ENCRYPT_STR_TO_CHAR_23(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 24)
#define LOO_ENCRYPT_STR_TO_CHAR_25(__str) LOO_ENCRYPT_STR_TO_CHAR_24(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 25)
#define LOO_ENCRYPT_STR_TO_CHAR_26(__str) LOO_ENCRYPT_STR_TO_CHAR_25(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 26)
#define LOO_ENCRYPT_STR_TO_CHAR_27(__str) LOO_ENCRYPT_STR_TO_CHAR_26(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 27)
#define LOO_ENCRYPT_STR_TO_CHAR_28(__str) LOO_ENCRYPT_STR_TO_CHAR_27(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 28)
#define LOO_ENCRYPT_STR_TO_CHAR_29(__str) LOO_ENCRYPT_STR_TO_CHAR_28(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 29)
#define LOO_ENCRYPT_STR_TO_CHAR_30(__str) LOO_ENCRYPT_STR_TO_CHAR_29(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 30)
#define LOO_ENCRYPT_STR_TO_CHAR_31(__str) LOO_ENCRYPT_STR_TO_CHAR_30(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 31)
#define LOO_ENCRYPT_STR_TO_CHAR_32(__str) LOO_ENCRYPT_STR_TO_CHAR_31(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 32)
#define LOO_ENCRYPT_STR_TO_CHAR_33(__str) LOO_ENCRYPT_STR_TO_CHAR_32(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 33)
#define LOO_ENCRYPT_STR_TO_CHAR_34(__str) LOO_ENCRYPT_STR_TO_CHAR_33(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 34)
#define LOO_ENCRYPT_STR_TO_CHAR_35(__str) LOO_ENCRYPT_STR_TO_CHAR_34(__str), LOO_ENCRYPT_STR_CHAR_AT(__str, 35)
// Need more? Type (or better automatically generate) it yourself ;)
//
// LOOCryptString.m
//
// Created by Marcin Swiderski on 6/8/12.
// Copyright (c) 2012 Marcin Swiderski. All rights reserved.
//
// This software is provided 'as-is', without any express or implied
// warranty. In no event will the authors be held liable for any damages
// arising from the use of this software.
//
// Permission is granted to anyone to use this software for any purpose,
// including commercial applications, and to alter it and redistribute it
// freely, subject to the following restrictions:
//
// 1. The origin of this software must not be misrepresented; you must not
// claim that you wrote the original software. If you use this software
// in a product, an acknowledgment in the product documentation would be
// appreciated but is not required.
// 2. Altered source versions must be plainly marked as such, and must not be
// misrepresented as being the original software.
// 3. This notice may not be removed or altered from any source distribution.
//
#import "LOOCryptString.h"
NSString *LOODecrypStrN(const unsigned char encStr[], size_t n) {
char *buf = [[NSMutableData dataWithLength:n] mutableBytes];
for (NSInteger i = 0; i != n; ++i) {
buf[i] = encStr[i] ^ 0xFF;
}
return [NSString stringWithCString:buf encoding:NSASCIIStringEncoding];
}
@aaronpeterson

This comment has been minimized.

Show comment
Hide comment
@aaronpeterson

aaronpeterson Aug 18, 2013

Thank you for posting this. I have no previous experience with macros and think I'm doing something wrong. I get "Use of undeclared identifier '_str'" when compiling at NSString *secret = LOO_CRYPT_STR_N("A7LZ14F88Y", 10); -- 11 times :)

Thank you for posting this. I have no previous experience with macros and think I'm doing something wrong. I get "Use of undeclared identifier '_str'" when compiling at NSString *secret = LOO_CRYPT_STR_N("A7LZ14F88Y", 10); -- 11 times :)

@aaronpeterson

This comment has been minimized.

Show comment
Hide comment
@aaronpeterson

aaronpeterson Aug 18, 2013

I think the problem is that there is a typo on line 37 at "_str".

I think the problem is that there is a typo on line 37 at "_str".

@ChangLiuXYZ

This comment has been minimized.

Show comment
Hide comment

Great!

@ChangLiuXYZ

This comment has been minimized.

Show comment
Hide comment
@ChangLiuXYZ

ChangLiuXYZ Nov 2, 2017

I think the
char *buf = [[NSMutableData dataWithLength:n] mutableBytes];
should be
char *buf = [[NSMutableData dataWithLength:n + 1] mutableBytes];

I think the
char *buf = [[NSMutableData dataWithLength:n] mutableBytes];
should be
char *buf = [[NSMutableData dataWithLength:n + 1] mutableBytes];

@cheizer

This comment has been minimized.

Show comment
Hide comment
@cheizer

cheizer Dec 6, 2017

I think this is broken, I just did a test project and added this to my main

NSString *secret = LOO_CRYPT_STR_N("MYSECRET", 8);

and when I run strings on my binary it's right at the top.

cheizer commented Dec 6, 2017

I think this is broken, I just did a test project and added this to my main

NSString *secret = LOO_CRYPT_STR_N("MYSECRET", 8);

and when I run strings on my binary it's right at the top.

@cheizer

This comment has been minimized.

Show comment
Hide comment
@cheizer

cheizer Dec 6, 2017

Never mind... I was doing debug build. Sorry, but I will add this. please add

#import <Foundation/Foundation.h>
#include "stdlib.h

to the .h file.

cheizer commented Dec 6, 2017

Never mind... I was doing debug build. Sorry, but I will add this. please add

#import <Foundation/Foundation.h>
#include "stdlib.h

to the .h file.

@maxisme

This comment has been minimized.

Show comment
Hide comment
@maxisme

maxisme Feb 15, 2018

Hello, I am looking for a way to make sure that my clients are only communicating to my server through my macOS app. My idea is to use the code above to hide a large string and then POST this to my server over https which also knows this large string. Is this a good way to do this or is it likely that the output of LOODecrypStrN will be accessible when passed to an NSDictionary at upload or another time?

maxisme commented Feb 15, 2018

Hello, I am looking for a way to make sure that my clients are only communicating to my server through my macOS app. My idea is to use the code above to hide a large string and then POST this to my server over https which also knows this large string. Is this a good way to do this or is it likely that the output of LOODecrypStrN will be accessible when passed to an NSDictionary at upload or another time?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment