Password Encoding and Decoding on iOS

Is there an API on the iPhone for encoding or decoding passwords?

There is the Common Crypto API.

#import <CommonCrypto/CommonCryptor.h>

+ (NSData *)doCipher:(NSData *)dataIn
                  iv:(NSData *)iv
                 key:(NSData *)symmetricKey
             context:(CCOperation)encryptOrDecrypt
{
    CCCryptorStatus ccStatus   = kCCSuccess;
    size_t          cryptBytes = 0;    // Number of bytes moved to buffer.
    NSMutableData  *dataOut    = [NSMutableData dataWithLength:dataIn.length + kCCBlockSizeAES128];

    ccStatus = CCCrypt( encryptOrDecrypt,
                       kCCAlgorithmAES128,
                       kCCOptionPKCS7Padding,
                       symmetricKey.bytes, 
                       kCCKeySizeAES128,
                       iv.bytes,
                       dataIn.bytes,
                       dataIn.length,
                       dataOut.mutableBytes,
                       dataOut.length,
                       &cryptBytes);

    if (ccStatus != kCCSuccess) {
        NSLog(@"CCCrypt status: %d", ccStatus);
    }

    dataOut.length = cryptBytes;

    return dataOut;
}

Also add Security.framework to your project.

If the security is important, consider having someone with security experience create the code and protocol. If the security is not important, just send the password in the clear.

A few bugs in an app is not that bad; the app still basically works. One bug in security and all security is lost.

Good security is not as easy as one might think.

If you are only interested in passwords you might as well use hash functions (md5, sha) and compare the input hash with the hash of the password. That way the password is never saved in plaintext and if your server gets hacked some day they only get the hashes and have to do a pre-image attack in order to get the password.
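The hash-and-compare approach from the answer above, as an added example that is not part of the original answers. It swaps the bare md5/sha hash for salted PBKDF2-HMAC-SHA256 from CommonCrypto and compares in constant time; the function names, record keys, salt length and round count are assumptions of this example.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#import <CommonCrypto/CommonCrypto.h>
// Assumed parameters for this example, not values from the page.
static const size_t   kSaltLength = 16;
static const size_t   kHashLength = 32;
static const unsigned kRounds     = 100000;

// Derive a PBKDF2-HMAC-SHA256 hash of the password under the given salt.
static NSData *DerivePasswordHash(NSString *password, NSData *salt) {
    NSData *pw = [password dataUsingEncoding:NSUTF8StringEncoding];
    NSMutableData *hash = [NSMutableData dataWithLength:kHashLength];
    int status = CCKeyDerivationPBKDF(kCCPBKDF2, pw.bytes, pw.length,
                                      salt.bytes, salt.length, kCCPRFHmacAlgSHA256,
                                      kRounds, hash.mutableBytes, hash.length);
    return (status == kCCSuccess) ? hash : nil;
}

// Build the record to store for a new password: a fresh random salt plus the hash.
static NSDictionary *MakePasswordRecord(NSString *password) {
    NSMutableData *salt = [NSMutableData dataWithLength:kSaltLength];
    if (SecRandomCopyBytes(kSecRandomDefault, salt.length, salt.mutableBytes) != errSecSuccess)
        return nil;
    NSData *hash = DerivePasswordHash(password, salt);
    return hash ? @{ @"salt": salt, @"hash": hash } : nil;
}

// Compare every byte so the run time does not depend on where the inputs differ.
static BOOL ConstantTimeEqual(NSData *a, NSData *b) {
    if (a.length != b.length) return NO;
    const uint8_t *pa = a.bytes, *pb = b.bytes;
    uint8_t diff = 0;
    for (NSUInteger i = 0; i < a.length; i++) diff |= pa[i] ^ pb[i];
    return diff == 0;
}

// Re-derive with the stored salt and compare against the stored hash.
static BOOL VerifyPassword(NSString *candidate, NSDictionary *record) {
    NSData *hash = DerivePasswordHash(candidate, record[@"salt"]);
    return hash != nil && ConstantTimeEqual(hash, record[@"hash"]);
}

int main(void) {
    @autoreleasepool {
        NSDictionary *record = MakePasswordRecord(@"correct horse"); // constructed sample input
        NSLog(@"matching password accepted: %d", VerifyPassword(@"correct horse", record));
        NSLog(@"different password accepted: %d", VerifyPassword(@"Correct horse", record));
    }
}
```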

What you want to do is use the Security Framework. This web site provides you with examples:

Symmetric encryption: http://greghaygood.com/2009/01/17/symmetric-encryption-with-the-iphone-sdk-and-securityframework

Asymmetric encryption: http://greghaygood.com/2009/01/17/asymmetric-encryption-with-the-iphone-sdk-and-securityframework

I hope this helps...

Emmanuel

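Notice: Technical posts on this site are licensed under CC BY-SA 4.0. If you repost, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.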