I would to log a binary hash representation in the console, using an hex or ascii representation. The algorithm is MD5, so the function is CC_MD5
I get the binary hash representation via a Theos tweak, which is working well.
EDIT: this tweak intercept the CC_MD5 call. The call is implemented in the method described below. When CC_MD5 is called, replaced_CC_MD5 intercept the call.
The app tested, is a simple app which i made myself and it's using this method to calculate MD5 Hash:
- (NSString *) md5:(NSString *) input
{
const char *cStr = [input UTF8String];
unsigned char digest[16];
CC_MD5( cStr, strlen(cStr), digest ); // This is the md5 call
NSMutableString *output = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH * 2];
for(int i = 0; i < CC_MD5_DIGEST_LENGTH; i++)
[output appendFormat:#"%02x", digest[i]];
return output;
}
The hashing it's ok, and the app returns to me the correct hash for the input
input = prova
MD5 Digest = 189bbbb00c5f1fb7fba9ad9285f193d1
The function in my Theos Tweak where i manipulate the CC_MD5 function is
EDIT: where data would be cStr, len would be strlen(cStr) and md would be digest.
static unsigned char * replaced_CC_MD5(const void *data, CC_LONG len, unsigned char *md) {
CC_LONG dataLength = (size_t) len;
NSLog(#"==== START CC_MD5 HOOK ====");
// hex of digest
NSData *dataDigest = [NSData dataWithBytes:(const void *)md length:(NSUInteger)CC_MD5_DIGEST_LENGTH];
NSLog(#"%#", dataDigest);
// hex of string
NSData *dataString = [NSData dataWithBytes:(const void *)data length:(NSUInteger)dataLength];
NSLog(#"%#", dataString);
NSLog(#"==== END CC_MD5 HOOK ====");
return original_CC_MD5(data, len, md);
}
The log of dataString it's ok: 70726f76 61 which is the HEX representation of prova
The log of dataDigest is e9aa0800 01000000 b8c00800 01000000 which is, if i understood, the binary hash representation.
How can i convert this representation to have the MD5 Hash digest?
In replaced_CC_MD5 you are displaying md before the call to original_CC_MD5 which sets its value. What you are seeing is therefore random data (or whatever was last stored in md).
Move the call to original_CC_MD5 to before the display statement and you should see the value you expect. (You'll of course need to save the result of the call in a local so you can return the value in the return statement.)
Related
I'm working on a custom bluetooth product, the manufacturer has embeded data in the advertisement packet. How do I effectively parse this data so it's usable within an iOS app?
I'm currently grabbing the data from the NSDictionary as follows:
NSData *rawData = [advertisement objectForKey:#"kCBAdvDataManufacturerData"];
The data in the packet is structured like so:
uint8_t compId[2];
uint8_t empty[6];
uint8_t temperature[2];
uint8_t rampRate[2];
uint8_t dutyFactor[2];
uint8_t alarms[2];
uint8_t statusFlag;
uint8_t speedRpm[2];
uint8_t vib[2];
uint8_t deviceTypeId;
uint8_t radioStatus;
uint8_t cycleTimer[2];
uint8_t batteryLevel;
My first thought was to convert it to a string and parse out the data that I need, but this seems slow and really inefficient. There has to be a standard way developers deal with this. I'm still pretty green when it comes to bitwise operators. All the data is formatted in little endian.
Certainly don't convert it to a string, as it isn't one, and you'll have issues with encoding.
Start by checking that the length of the data matches what you're expecting (26 bytes)
Use the bytes method to get a pointer to the data
Add a function or method to combine two bytes into a 16-bit integer. You'll have to find out if those 2-byte fields are signed or unsigned.
Something along these lines:
- (int)getWordFromBuffer:(const unsigned char *)bytes atOffset:(int) offset
{
return (int)bytes[offset] | (bytes[offset+1] << 8);
}
- (NSDictionary *)decodeData:(NSData *)data
{
if (data.length != 26)
{
NSLog(#"wrong length %d instead of 26", data.length);
return nil;
}
const unsigned char *bytes = (unsigned char *)data.bytes;
return
#{
#"compId": #([self getWordFromBuffer:bytes atOffset:0]),
#"temperature": #([self getWordFromBuffer:bytes atOffset:8]),
#"rampRate": #([self getWordFromBuffer:bytes atOffset:10]),
....
};
}
I am trying to convert the byteArray to a Hex NSString.
Here is the solution that I referred to convert it into hex NSString. But, I discovered It add's ffffffffffffff. How can I get correct hex NSString?
Best way to serialize an NSData into a hexadeximal string
const char myByteArray[] = {
0x12,0x23,0x34,0x45,0x56,0x67,0x78,0x89,
0x12,0x23,0x34,0x45,
0x56,0x67,0x78,0x89 };
NSData *myByteData=[NSData dataWithBytes:myByteArray length:sizeof(myByteArray)];
NSMutableString *myHexString= [NSMutableString stringWithCapacity:myByteData.length*2];
for(int i=0;i<myByteData.length;i++){
;
NSString *resultString =[NSString stringWithFormat:#"%02lx",(unsigned long)myByteArray[i]];
[myHexString appendString:resultString];
}
The output String
12233445566778ffffffffffffff8912233445566778ffffffffffffff89
Don't use unsigned long for each of your bytes. And what's the point of myByteData if you don't use it?
And since you are not really using char, use uint8_t.
Try this:
const uint8_t myByteArray[] = {
0x12,0x23,0x34,0x45,0x56,0x67,0x78,0x89,
0x12,0x23,0x34,0x45,
0x56,0x67,0x78,0x89 };
size_t len = sizeof(myByteArray) / sizeof(uint8_t);
NSMutableString *myHexString = [NSMutableString stringWithCapacity:len * 2];
for (size_t i = 0; i < len; i++) {
[myHexString appendFormat:#"%02x", (int)myByteArray[i]];
}
Your initial byte data is char rather than unsigned char. This means that any values >127 (0x7f) will be seen as a twos-complement negative number, giving ffffffffffffff89.
If you change your data to be unsigned char you will get the desired result.
const unsigned char myByteArray[] = {
0x12,0x23,0x34,0x45,0x56,0x67,0x78,0x89,
0x12,0x23,0x34,0x45,
0x56,0x67,0x78,0x89 };
NSData *myByteData=[NSData dataWithBytes:myByteArray length:sizeof(myByteArray)];
NSMutableString *myHexString= [NSMutableString stringWithCapacity:myByteData.length*2];
for(int i=0;i<myByteData.length;i++){
NSString *resultString =[NSString stringWithFormat:#"%02lx",(unsigned long)myByteArray[i]];
[myHexString appendString:resultString];
}
I am trying to make an app for my school that interacts with PowerSchool, a software that allows user's to view their grades, teachers, schedules, and much more. I found a library for the basics of interacting with PowerSchool written in PHP and have been trying to write it in objective c for the past week. It seems the issue is how I create an HMAC (MD5) with the user's password. Either I am using a hex digest rather than a digest, not sure. The error I get back from the server is an odd number of characters.
Here is the link to the PHP library class I am trying to re-create:
https://github.com/horvste/powerapi-php/blob/master/src/PowerAPI/Core.php
Here is my code in my test project,
Command line main class:
https://gist.github.com/anonymous/c40cdd99a826c06073aa
NSString Category Implementation file:
#import "NSString+MyAdditions.h"
#implementation NSString (MyAdditions)
- (NSString *) hmacMD5WithData: (NSString *) data
{
const char *cKey = [self cStringUsingEncoding:NSASCIIStringEncoding];
const char *cData = [data cStringUsingEncoding:NSASCIIStringEncoding];
const unsigned int blockSize = 64;
char ipad[blockSize], opad[blockSize], keypad[blockSize];
unsigned int keyLen = strlen(cKey);
CC_MD5_CTX ctxt;
if(keyLen > blockSize)
{
//CC_MD5(cKey, keyLen, keypad);
CC_MD5_Init(&ctxt);
CC_MD5_Update(&ctxt, cKey, keyLen);
CC_MD5_Final((unsigned char *)keypad, &ctxt);
keyLen = CC_MD5_DIGEST_LENGTH;
}
else
{
memcpy(keypad, cKey, keyLen);
}
memset(ipad, 0x36, blockSize);
memset(opad, 0x5c, blockSize);
int i;
for(i = 0; i < keyLen; i++)
{
ipad[i] ^= keypad[i];
opad[i] ^= keypad[i];
}
CC_MD5_Init(&ctxt);
CC_MD5_Update(&ctxt, ipad, blockSize);
CC_MD5_Update(&ctxt, cData, strlen(cData));
unsigned char md5[CC_MD5_DIGEST_LENGTH];
CC_MD5_Final(md5, &ctxt);
CC_MD5_Init(&ctxt);
CC_MD5_Update(&ctxt, opad, blockSize);
CC_MD5_Update(&ctxt, md5, CC_MD5_DIGEST_LENGTH);
CC_MD5_Final(md5, &ctxt);
const unsigned int hex_len = CC_MD5_DIGEST_LENGTH*2+2;
char hex[hex_len];
for(i = 0; i < CC_MD5_DIGEST_LENGTH; i++)
{
snprintf(&hex[i*2], hex_len-i*2, "%02x", md5[i]);
}
NSData *HMAC = [[NSData alloc] initWithBytes:hex length:strlen(hex)];
NSString *hash = [HMAC base64EncodedStringWithOptions:0];
return hash;
}
#end
Thank you for taking the time to look at this issue!
First, don't build your own HMAC routine here. Use CCHmac. It's built-in and handles HMAC+MD5 correctly.
If at all possible, I recommend going to the API documentation rather than trying to reverse engineer another code base. There are lots of little things going on in the PHP that you may be overlooking; an API doc should explain all of those.
If the PHP code is the only reference you have, then you should break down each piece and see where it's going wrong. For instance, verify that you are getting the auth data in the same form. Then confirm that each program, given the same auth data generates the same HMAC. Then confirm that given the same HMAC, each program generates the same response. Etc. Somewhere you are doing something differently. Make sure that you're using Base64 vs raw data in the same places (PHP devs tend to treat Base64 strings as though they were actually raw data, which causes confusion when coming over to ObjC).
And of course you should examine the server logs to validate that your final request matches the PHP requests.
I create an MD5 of a file that is deployed with my bundle to decide if I need to import it.
My problem is that when I create the MD5 is always different. Even when I call the MD5 method 10 times in a loop with the same data, I got different results.
Here is my MD% method:
- (NSString*)hashForData:(NSData*)data
{
unsigned char md5Buffer[CC_MD5_DIGEST_LENGTH];
CC_MD5((__bridge const void*)(data), (CC_LONG)data.length, md5Buffer);
NSMutableString* output = [NSMutableString stringWithCapacity:CC_MD5_DIGEST_LENGTH * 2];
for (int i = 0; i < CC_MD5_DIGEST_LENGTH; i++)
[output appendFormat:#"%02x", md5Buffer[i]];
return output;
}
- (NSData*)data
{
if (!_data) {
_data = [NSData dataWithContentsOfFile:_path];
}
return _data;
}
Any idea what could be wrong?
Shouldn't that be:
CC_MD5((__bridge const void*)([data bytes]), (CC_LONG)[data length], md5Buffer);
// ^^^^^^^^^^^^ ^^^^^^^^^^^^^
(i.e. you are calculating the MD5 hash of the NSData object (and adjacent memory) instead of the data within the NSData object).
I am working on an iPhone app that retrieves an RSA public key from an ASP.NET web service in the form:
<RSAKeyValue>
<Modulus>qdd0paiiBJ+xYaN4TKDdbEzrJJw9xlbRAltb5OPdegjLoW60yOjL/sni52WVsGC9QxpNitZR33dnUscmI0cTJoxkXypPjbD94UpH+p4el2tuKBypHlE7bERApuUp55y8BiRkbQNFH8smZFWDwtIc/PsJryeGf8fAryel8c5V3PU=</Modulus>
<Exponent>AQAB</Exponent>
</RSAKeyValue>
I need to then convert this response into an NSData * of the appropriate format (from some intense Googling, most likely 'ASN.1 DER' binary format. I've got code in place to convert both parts from their Base64 representations to the original binary values, but I can't for the life of me figure out a reasonable way to create the one-piece binary key.
The code waiting for the key is the -addPeerPublicKey:(NSString *) keyBits:(NSData *) method of the SecKeyWrapper class from Apple's CryptoExercise example project (Code here).
I would be more than happy to implement this another way--all I need is to encrypt a single string (no decryption required). As far as I can tell, though, the built-in Security framework has what I need, if I could just close this format gap. If there is a way to convert the key and send it Base64-encoded from the webservice, that works for me as well--but I couldn't find any way to ASN.1-encode it there, either.
So, I used the SecKeyWrapper class to generate a random key, then used the -getPublicKeyBits method to get the binary representation of the public key (in whatever format is used internally). Presuming it is some form of DER ASN.1, I NSLog'd it to the console as hex and loaded it into this program. Sure enough, the internal representation is DER ASN.1, but it is a very simplified version of what I normally found for RSA key representations:
![SEQUENCE { INTEGER, INTEGER }][2]
Shouldn't be too tough to construct on the fly from a binary rep. of the modulus and exponent, since the DER encoding is just
30 (for SEQUENCE) LL (total sequence byte length)
02 (INTEGER) LL (modulus byte length) XX XX... (modulus data bytes)
02 LL XX XX XX... (exponent length and bytes)
Here's my code, for simplicity. It uses a few Google libs for XML+base64, just heads up; also Apple's demo code SecKeyWrapper. See my other question for a note on making this work. Also, note that it is not ARC-compatible; this is left as an exercise for the reader (I wrote this years ago, now).
#define kTempPublicKey #"tempPayKey"
-(NSData *)encryptedDataWithXMLPublicKey:(NSString *)base64PublicKey data:(NSData *)data {
if(![data length]){
#throw [NSException exceptionWithName:#"NSInvalidArgumentException" reason:#"Data not set." userInfo:nil];
}
GTMStringEncoding *base64 = [GTMStringEncoding rfc4648Base64StringEncoding];
NSData *keyData = [base64 decode:base64PublicKey];
NSError *err = nil;
GDataXMLDocument *keyDoc = [[GDataXMLDocument alloc] initWithData:keyData options:0 error:&err];
if(err){
NSLog(#"Public key parse error: %#",err);
[keyDoc release];
return nil;
}
NSString *mod64 = [[[[keyDoc rootElement] elementsForName:#"Modulus"] lastObject] stringValue];
NSString *exp64 = [[[[keyDoc rootElement] elementsForName:#"Exponent"] lastObject] stringValue];
[keyDoc release];
if(![mod64 length] || ![exp64 length]){
#throw [NSException exceptionWithName:#"NSInvalidArgumentException" reason:#"Malformed public key xml." userInfo:nil];
}
NSData *modBits = [base64 decode:mod64];
NSData *expBits = [base64 decode:exp64];
/* the following is my (bmosher) hack to hand-encode the mod and exp
* into full DER encoding format, using the following as a guide:
* http://luca.ntop.org/Teaching/Appunti/asn1.html
* this is due to the unfortunate fact that the underlying API will
* only accept this format (not the separate values)
*/
// 6 extra bytes for tags and lengths
NSMutableData *fullKey = [[NSMutableData alloc] initWithLength:6+[modBits length]+[expBits length]];
unsigned char *fullKeyBytes = [fullKey mutableBytes];
unsigned int bytep = 0; // current byte pointer
fullKeyBytes[bytep++] = 0x30;
if(4+[modBits length]+[expBits length] >= 128){
fullKeyBytes[bytep++] = 0x81;
[fullKey increaseLengthBy:1];
}
unsigned int seqLenLoc = bytep;
fullKeyBytes[bytep++] = 4+[modBits length]+[expBits length];
fullKeyBytes[bytep++] = 0x02;
if([modBits length] >= 128){
fullKeyBytes[bytep++] = 0x81;
[fullKey increaseLengthBy:1];
fullKeyBytes[seqLenLoc]++;
}
fullKeyBytes[bytep++] = [modBits length];
[modBits getBytes:&fullKeyBytes[bytep]];
bytep += [modBits length];
fullKeyBytes[bytep++] = 0x02;
fullKeyBytes[bytep++] = [expBits length];
[expBits getBytes:&fullKeyBytes[bytep++]];
SecKeyRef publicKey = [[SecKeyWrapper sharedWrapper] addPeerPublicKey:kTempPublicKey keyBits:fullKey];
[fullKey release];
NSData *encrypted = [[SecKeyWrapper sharedWrapper] wrapSymmetricKey:data keyRef:publicKey];
// remove temporary key from keystore
[[SecKeyWrapper sharedWrapper] removePeerPublicKey:kTempPublicKey];
return encrypted;
}