问题
I'm struggling to transmit long encrypted strings over the network and get them to come out correctly on the server. For example, I have this encrypted string on the client:
wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR/sBTES1A4rPV6eyp9nzEEU9uKkiFSTdP+SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk+VlpR41kETmznXa4+gELmf53r7oayRkkffnIPDmpO+WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW/sw==
As you can see, it has a few characters that will not transmit over the network without some URL encoding (+
and /
, most notably). I'm not entirely sure if there could be other characters that could arise in other situations, so I want to make sure that my solution is 'universally' correct. I am using this line:
NSString *escapedString = [cipherString stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLHostAllowedCharacterSet]];
which I found in a highly reviewed answer.
However, I'm still having trouble decrypting this on the server side, so I printed out the results on the client immediately before sending, and I see this:
wcWSERZCh8Xm1hpbNo1kSD1LvFmpuUr4wmq9hQUWeK0vYcLeFPGwFR%2FsBTES1A4rPV6eyp9nzEEU9uKkiFSTdP+SPOSqUf6evjf3WRHrXMRe81lIrHuRyk0iRwoNe5uIk+VlpR41kETmznXa4+gELmf53r7oayRkkffnIPDmpO+WbgE0VL3PQeOsXB01tWJyDiBIsz5WJiiEIm3ZoJW%2Fsw==
Why are the '+' signs still there? Am I using the wrong allowed character set? Which character set should I use to guarantee that I correctly escape all problematic characters?
If it helps, here is the code that I am using to encrypt the plain text string. When it is done, I base64 encode the results before sending across the network:
- (NSData *)phpEncryptCleartext : (NSData *)cleartext
{
NSData *cleartextPadded = [self phpPadData:cleartext];
CCCryptorStatus ccStatus = kCCSuccess;
size_t cryptBytes = 0; // Number of bytes moved to buffer.
NSMutableData *cipherTextData = [NSMutableData dataWithLength:cleartextPadded.length];
ccStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES128,
0,
_sessionKey.bytes,
kCCKeySizeAES128,
_iv.bytes,
cleartextPadded.bytes,
cleartextPadded.length,
cipherTextData.mutableBytes,
cipherTextData.length,
&cryptBytes);
if (ccStatus == kCCSuccess) {
cipherTextData.length = cryptBytes;
}
else {
NSLog(@"kEncryptionError code: %d", ccStatus); // Add error handling
cipherTextData = nil;
}
return cipherTextData;
}
Thanks for any advice!
回答1:
Swift version here.
To escape character use stringByAddingPercentEncodingWithAllowedCharacters:
NSString *URLEscapedString =
[string stringByAddingPercentEncodingWithAllowedCharacters:[NSCharacterSet URLQueryAllowedCharacterSet]];
The following are useful character sets, actually the characters not included in the sets:
URLFragmentAllowedCharacterSet "#%<>[\]^`{|}
URLHostAllowedCharacterSet "#%/<>?@\^`{|}
URLPasswordAllowedCharacterSet "#%/:<>?@[\]^`{|}
URLPathAllowedCharacterSet "#%;<>?[\]^`{|}
URLQueryAllowedCharacterSet "#%<>[\]^`{|}
URLUserAllowedCharacterSet "#%/:<>?@[\]^`
Or create your own characterset with just the characters that you need to escape.
NSCharacterSet *customCharacterset = [[NSCharacterSet characterSetWithCharactersInString:@"your characters"] invertedSet];
Creating a characterset combining all of the above:
NSCharacterSet *URLFullCharacterSet = [[NSCharacterSet characterSetWithCharactersInString:@" \"#%/:<>?@[\\]^`{|}"] invertedSet];
Creating a Base64
In the case of Base64 characterset:
NSCharacterSet *URLBase64CharacterSet = [[NSCharacterSet characterSetWithCharactersInString:@"/+=\n"] invertedSet];
Note: stringByAddingPercentEncodingWithAllowedCharacters
will also encode UTF-8 characters requiring encoding.
Example to verify the characters in the set:
void characterInSet(NSCharacterSet *set) {
NSMutableString *characters = [NSMutableString new];
NSCharacterSet *invertedSet = set.invertedSet;
for (int i=32; i<127; i++) {
if ([invertedSet characterIsMember:(unichar)i]) {
NSString *c = [[NSString alloc] initWithBytes:&i length:1 encoding:NSUTF8StringEncoding];
[characters appendString:c];
}
}
printf("characters not in set: '%s'\n", [characters UTF8String]);
}
来源:https://stackoverflow.com/questions/29806098/nscharacterset-urlhostallowedcharacterset-doesnt-replace-sign