Merge pull request #143 from Zentyal/jgarcia/crash-session
Safe decoding of secured value
This commit is contained in:
commit
cab5846e37
|
@ -157,7 +157,7 @@
|
||||||
// that much about this for now.
|
// that much about this for now.
|
||||||
//
|
//
|
||||||
+ (NSString *) securedValue: (NSString *) theValue
|
+ (NSString *) securedValue: (NSString *) theValue
|
||||||
usingKey: (NSString *) theKey
|
usingKey: (NSString *) theKey
|
||||||
{
|
{
|
||||||
NSData *data;
|
NSData *data;
|
||||||
NSString *s;
|
NSString *s;
|
||||||
|
@ -171,13 +171,12 @@
|
||||||
klen = [data length];
|
klen = [data length];
|
||||||
|
|
||||||
// Get the key - padding it with 0 with key length
|
// Get the key - padding it with 0 with key length
|
||||||
pass = (char *)malloc(klen);
|
pass = (char *) calloc(klen, sizeof(char));
|
||||||
memset(pass, 0, klen);
|
|
||||||
[theValue getCString: pass maxLength: klen encoding: NSUTF8StringEncoding];
|
[theValue getCString: pass maxLength: klen encoding: NSUTF8StringEncoding];
|
||||||
|
|
||||||
// Target buffer
|
// Target buffer
|
||||||
buf = (char *)malloc(klen);
|
buf = (char *)malloc(klen);
|
||||||
|
|
||||||
for (i = 0; i < klen; i++)
|
for (i = 0; i < klen; i++)
|
||||||
{
|
{
|
||||||
buf[i] = key[i] ^ pass[i];
|
buf[i] = key[i] ^ pass[i];
|
||||||
|
@ -186,36 +185,38 @@
|
||||||
free(pass);
|
free(pass);
|
||||||
|
|
||||||
data = [NSData dataWithBytesNoCopy: buf length: klen freeWhenDone: YES];
|
data = [NSData dataWithBytesNoCopy: buf length: klen freeWhenDone: YES];
|
||||||
|
|
||||||
s = [[NSString alloc] initWithData: [data dataByEncodingBase64WithLineLength: 1024]
|
s = [[NSString alloc] initWithData: [data dataByEncodingBase64WithLineLength: 1024]
|
||||||
encoding: NSASCIIStringEncoding];
|
encoding: NSASCIIStringEncoding];
|
||||||
return [s autorelease];
|
return [s autorelease];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
+ (NSString *) valueFromSecuredValue: (NSString *) theValue
|
+ (NSString *) valueFromSecuredValue: (NSString *) theValue
|
||||||
usingKey: (NSString *) theKey
|
usingKey: (NSString *) theKey
|
||||||
{
|
{
|
||||||
NSData *data;
|
NSData *dataKey, *dataValue;
|
||||||
NSString *s;
|
NSString *s;
|
||||||
|
|
||||||
char *buf, *key, *pass;
|
char *buf, *key, *value;
|
||||||
int i, klen;
|
size_t i, klen, vlen;
|
||||||
|
|
||||||
// Get the key length and its bytes
|
// Get the key length and its bytes
|
||||||
data = [theKey dataByDecodingBase64];
|
dataKey = [theKey dataByDecodingBase64];
|
||||||
key = (char *)[data bytes];
|
key = (char *)[dataKey bytes];
|
||||||
klen = [data length];
|
klen = [dataKey length];
|
||||||
|
|
||||||
|
// Get the secured value length and its bytes
|
||||||
|
dataValue = [theValue dataByDecodingBase64];
|
||||||
|
value = (char *)[dataValue bytes];
|
||||||
|
vlen = [dataValue length];
|
||||||
|
|
||||||
// Get the secured password
|
|
||||||
pass = (char *)[[theValue dataByDecodingBase64] bytes];
|
|
||||||
|
|
||||||
// Target buffer
|
// Target buffer
|
||||||
buf = (char *)malloc(klen);
|
buf = (char *) calloc(klen, sizeof(char));
|
||||||
|
|
||||||
for (i = 0; i < klen; i++)
|
for (i = 0; i < klen && i < vlen; i++)
|
||||||
{
|
{
|
||||||
buf[i] = key[i] ^ pass[i];
|
buf[i] = key[i] ^ value[i];
|
||||||
}
|
}
|
||||||
|
|
||||||
// buf is now our C string in UTF8
|
// buf is now our C string in UTF8
|
||||||
|
|
Loading…
Reference in a new issue