|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(Objective-C) Duplicate SQL Server ENCRYPTBYPASSPHRASESee more Encryption ExamplesDemonstrates how to duplicate SQL Server's ENCRYPTBYPASSPHRASE.
#import <NSString.h> #import <CkoStringBuilder.h> #import <CkoCrypt2.h> #import <CkoBinData.h> #import <CkoPrng.h> // This example requires the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // For SQL Server 2008 - SQL Server 2016 we must use TripleDES with SHA1 // For SQL Server 2017 and later, use AES256 / SHA256. NSString *password = @"tEst1234"; NSString *encryptedHex_v1 = @"0x010000001E8E7DCDBD4061B951999E25D18445D2305474D2D71EEE98A241C755246F58AB"; // Here's an encrypted string using AES256/SHA256 NSString *encryptedHex_v2 = @"0x02000000FFE880C0354780481E64EF25B6197A02E2A854A4BA9D8D9BDDFDAB27EB56537ABDA0B1D9C4D1050C91B313550DECF429"; CkoStringBuilder *sbEncHex = [[CkoStringBuilder alloc] init]; [sbEncHex Append: encryptedHex_v1]; // If present, we don't want the leading "0x" if ([sbEncHex StartsWith: @"0x" caseSensitive: NO] == YES) { [sbEncHex RemoveCharsAt: [NSNumber numberWithInt: 0] numChars: [NSNumber numberWithInt: 2]]; } CkoCrypt2 *crypt = [[CkoCrypt2 alloc] init]; crypt.EncodingMode = @"hex"; // The encrypted hex string will begin with either 01000000 or 02000000 // version 1 is produced by SQL Server 2008 to SQL Server 2016, and we must use TripleDES with SHA1 // version 2 is for SQL Server 2017 and later, and uses AES256 / SHA256. BOOL v1 = [sbEncHex StartsWith: @"01" caseSensitive: NO]; int ivLen = 0; NSString *hashAlg = 0; if (v1 == YES) { crypt.CryptAlgorithm = @"3des"; crypt.CipherMode = @"cbc"; crypt.KeyLength = [NSNumber numberWithInt:168]; ivLen = 8; hashAlg = @"sha1"; } else { crypt.CryptAlgorithm = @"aes"; crypt.CipherMode = @"cbc"; crypt.KeyLength = [NSNumber numberWithInt:256]; ivLen = 16; hashAlg = @"sha256"; } // Remove the SQL Server version info (i.e. the "01000000") [sbEncHex RemoveCharsAt: [NSNumber numberWithInt: 0] numChars: [NSNumber numberWithInt: 8]]; // Get the IV part of the sbEncHex, and also remove it from the StringBuilder. NSString *ivHex = [sbEncHex GetRange: [NSNumber numberWithInt: 0] numChars: [NSNumber numberWithInt: (ivLen * 2)] removeFlag: YES]; NSLog(@"%@%@",@"IV = ",ivHex); [crypt SetEncodedIV: ivHex encoding: @"hex"]; CkoStringBuilder *sbPassword = [[CkoStringBuilder alloc] init]; [sbPassword Append: password]; NSString *pwd_hash = [sbPassword GetHash: hashAlg encoding: @"hex" charset: @"utf-16"]; CkoStringBuilder *sbKey = [[CkoStringBuilder alloc] init]; [sbKey Append: pwd_hash]; if (v1 == YES) { // For v1, we only want the 1st 16 bytes of the 20 byte hash. // (remember, the hex encoding uses 2 chars per byte, so we remove the last 8 chars) [sbKey Shorten: [NSNumber numberWithInt: 8]]; } NSLog(@"%@%@",@"crypt key: ",[sbKey GetAsString]); [crypt SetEncodedKey: [sbKey GetAsString] encoding: @"hex"]; // Decrypt CkoBinData *bd = [[CkoBinData alloc] init]; [bd AppendEncoded: [sbEncHex GetAsString] encoding: @"hex"]; [crypt DecryptBd: bd]; // The result is composed of a header of 8 bytes which we can discard. // The remainder is the decrypted text. // The header we are discarding is composed of: // Bytes 0-3: Magic number equal to 0DF0ADBA // Bytes 4-5: Number of integrity bytes, which is 0 unless an authenticator is used. We're assuming no authenticator is used. // Bytes 6-7: Number of plain-text bytes. We really don't need this because the CBC padding takes care of it. // Therefore, just return the data after the 1st 8 bytes. // Assuming the encrypted string was utf-8 text... [bd RemoveChunk: [NSNumber numberWithInt: 0] numBytes: [NSNumber numberWithInt: 8]]; NSString *plainText = [bd GetString: @"utf-8"]; NSLog(@"%@%@",@"decrypted plain text: ",plainText); // The output: // IV = 1E8E7DCDBD4061B9 // crypt key: 710B9C2E61ACCC9570D4112203BD9738 // decrypted plain text: Hello world. // ------------------------------------------------------------------------------------------ // To encrypt, do the reverse... // Let's do v1 with TripleDES with SHA1 CkoCrypt2 *encryptor = [[CkoCrypt2 alloc] init]; encryptor.EncodingMode = @"hex"; encryptor.CryptAlgorithm = @"3des"; encryptor.CipherMode = @"cbc"; encryptor.KeyLength = [NSNumber numberWithInt:168]; // Generate a random 8-byte IV CkoPrng *prng = [[CkoPrng alloc] init]; ivHex = [prng GenRandom: [NSNumber numberWithInt: 8] encoding: @"hex"]; [encryptor SetEncodedIV: ivHex encoding: @"hex"]; // The binary password is generated the same as above. // We'll use the same password (and same binary password) [encryptor SetEncodedKey: [sbKey GetAsString] encoding: @"hex"]; int plainTextLen = 8; plainText = @"ABCD1234"; // Encrypt the header + the plain-text. CkoBinData *bdData = [[CkoBinData alloc] init]; [bdData AppendEncoded: @"0DF0ADBA" encoding: @"hex"]; [bdData AppendEncoded: @"0000" encoding: @"hex"]; [bdData AppendInt2: [NSNumber numberWithInt: plainTextLen] littleEndian: YES]; NSLog(@"%@%@",@"header: ",[bdData GetEncoded: @"hex"]); [bdData AppendString: plainText charset: @"utf-8"]; [encryptor EncryptBd: bdData]; // Compose the result.. CkoStringBuilder *sbEnc = [[CkoStringBuilder alloc] init]; [sbEnc Append: @"0x01000000"]; [sbEnc Append: ivHex]; [sbEnc Append: [bdData GetEncoded: @"hex"]]; NSLog(@"%@%@",@"result: ",[sbEnc GetAsString]); |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.