A colleague provided me two text files he encrypted using GNUPG, AES128/AES256 with no salt.
Using the following example, https://stackoverflow.com/a/1400596/300972, I tried to decrypt both files in an iOS application, one using the AES256 example, the second by modifying the algo to kCCAlgorithmAES128 and keysize to kCCKeySizeAES128.
Loading the files to an NSData object proved successful; I am able to output the NSData. However, on decrypt they always fail with kCCDecodeError (-4304). I thought it may be the padding, so we tried different variations, the original being kCCOptionPKCS7Padding, still the same error. I tried a padding of 0, which provides a truncated NSData object which I cannot create an NSString from. (UTF8 encoded).
Has anyone been successfully able to decrypt a file encrypted using GNUPG in an iOS environment? Can you provide us with lessons learned?
GnuPG writes in the OpenPGP file format (RFC-4880). This is a fairly complicated format and you would need to parse it before you can even begin to decrypt the data. GnuPG also compresses the data before it encrypts it. And it uses "OpenPGP's variant of Cipher Feedback (CFB) mode." While iOS 5 supports CFB, this isn't quite the same as RFC-4880. For instance, they don't use a normal IV, and they synchronize in a novel way to provide a "quick check" that is incompatible with standard CFB. Then there's their String-to-Key (S2K) algorithms, which are not the same as PBKDF2.
In short, CommonCryptor is the last in a long series of steps of tearing this down to something to hand to AES. You could look at libgcrypt, but its LGPL license is generally incompatible with iOS development. You should probably investigate other OpenPGP implementations. I know there are some in JavaScript (which is crazy, but could still work without creating licensing headaches). Maybe Cryptlib (which has a commercial license).
Personally, I'd go with some other encryptor if you can. OpenSSL, while not particularly secure, is very portable, and as easy to use as a commandline app. RNCryptor can read and write it on iOS.
You can check ObjectivePGP framework.
Related
I googled but mostly found links to 3rd part libraries for encryption/decryption works. However, I saw Security articles on the Apple site, though without examples.
Can you please show me an example of a simple encrypt/decrypt a string with a key function?
Security and CommonCrypto are low level frameworks. They only provide security primitives, not a full encrypted data format. It is challenging to build a secure format out of the primitives, and most examples you'll find online are insecure. Either the author did not know how to build a secure format, or the author assumes you know how to take what they've written and finish building a secure format.
There is no such thing as "decrypting a string" in the way that you likely mean. All encryption functions generate raw bytes. If you want a string, convert it to base64 or hex or whatever. Some libraries automatically add this, but it often leads to strange artifacts like double-base64-encoded data.
If you want a cross-platform "out of the box" encryption format, see RNCryptor or libSodium. Both of these convert data-to-data. If you want strings, just encode and decode the data as you like (usually as base64 or hex).
What I have found you can have a look at this url : Swift Default Encryption
I'm encrypting data for an iPhone app using the CommonCrypto libraries. The data is local to the application. The encryption key is hardcoded in the code using an NSString.
I wonder if there is a way to access the value of this NSString from the app executable. I know that the code will be in executable form, but at the end an NSString have to store that value in plain text somewhere in the app. Accessing the app folder using iExplorer for example, will give full access to the executable.
Assuming the application was downloaded from the app store onto a device...
Decrypt the binary. This requires a jailbroken device, but it's trivial (there are many, many tools to do this, and tutorials on teh intarwebs)
Move the decrypted binary to a desktop
Run whatever tools you want on it. strings, etc. will all work. IDA Pro or Hopper will disassemble the binary and show not only the C strings in the binary, but the code that accesses it as well.
At this point you have the encryption key that ALL of the users of this application depend on.
...
Profit!
Pulling the C strings out of a binary is one of the first things any attacker will do. It's not recommended to store sensitive information in the binary, such as encryption keys. Unfortunately, there are not many secure ways to get an encryption key to a client. Assess the risks of different approaches and decide what level of exposure you are comfortable with.
I am developing an app that stores PDF files. These files should be stored secure, i. e. encrypted. I also found some libraries that extend NSData with AES en/decryption. But then I read, that iOS supports hardware encryption via AES. Is the NSData library really necessary if they both provide AES256 encryption?
If there are differences, which way is more secure? Also.. how do I activate the hardware encryption? Or is this a global setting that applies to all apps? I guess that the files become decrypted after the device is unlocked? So if someone cracks my phone he has also access to the decrypted files? But if I do the encryption by myself and connect the decryption with a SHA hashed password that is stored in the keychain the files might still be inaccessible?
Edit:
Did I get it all wrong and my library (AQToolkit) is just some kind of API for the built-in hardware encryption and I am basically talking about the same thing?
I heartily recommend RNCryptor, which uses Apple's own Security.framework guaranteeing hardware encryption/decryption if possible. It's incredibly easy to use in the default case (AES-256 with 10k iterations of PBKDF2). It's not an encryption library per se, but rather an Obj-C packaging of the open source Common Crypto C library. Check it out.
I've worked with Java cryptography for many years. Now, we have a requirement to write an iOS application that will send encrypted payloads from the mobile device to a Java service. I've begun working with the iOS crypto support (CommonCrypto, etc.) and have found it a bit more difficult. The JCE has a very clean, concise API, so I've clearly gotten spoiled. In contrast, iOS cryptography is a far more difficult API to work with.
Are there any simplified crypto libraries or wrappers around CommonCrypto that provide a more concise API? In particular, we need:
Key generation (both symmetric and asymmetric)
Encryption/decryption of data
Digital signatures (SHA1withRSA, for example)
Hashing
RSA, 3DES, and AES support
I know I've seen a sample class or two that wraps AES encryption, for example. I'm looking for something a bit richer and more full-featured. Anyone have any suggestions?
You can use openSSL inside your iOS app, for ease of use you can use the SSCrypto library by septicus.
From the septicus site:
SSCrypto.framework provides a simple wrapper around OpenSSL library
functions for encryption, decryption (both symmetric and RSA) and
checksums. It also encodes and decodes base64 data and can generate
both private and public RSA keys. A test tool is included in the
project. Click here to see the main.m file that comes with SSCrypto
for examples of it's use.
I am building a Monotouch application which downloads data from the server encrypted using AES. I then need to decrypt this data when the file is accessed.
What is the best way for doing this using MonoTouch? iOS AES decryption is apparently hardware accelerated and so I would ideally like to call into CCCrypt. I am a bit of a n00b to MonoTouch so does anyone know how to do this?
Or alternatively is there a better approach to doing AES decryption in MonoTouch?
MonoTouch provides AES support inside it's class library, e.g. the RijndaelManaged class.
However you need to know a bit more about how it was encrypted (cipher mode, padding mode, key size) to be able to decrypt a file. Also depending on the file size you might want to decrypt it in memory (safer) if it's small or to a temporary file (if large).
Notes:
Rijndael is the original name of the algorithm that got selected to be AES;
AES is a subset of Rijndael (only one block size, 128 bits) so you can do everything AES supports using RijndaelManaged;
At the moment MonoTouch does not use CommonCrypto (it uses the managed implementation from Mono) so you won't get hardware acceleration. This will likely change in future releases (and will be compatible, i.e. simply re-compile, for people who used RijndaelManaged in their applications).
EDIT
MonoTouch 5.3.3 (alpha) now default to use CommonCrypto implementations, including hardware acceleration (when available) for AES and SHA1.
If you are interested in encrypting data at rest (i.e. a database) under MonoTouch SQLCipher might be a good option (http://sqlcipher.net). The MonoTouch provider for SQLCipher provides SQLite full database encryption using AES-256 (http://sqlcipher.net/sqlcipher-for-monotouch). There is also a companion library for Mono on Android, which provides the same API and features for android (http://sqlcipher.net/sqlcipher-on-mono-for-android)
Disclosure: I work for Zetetic, the author of SQLCipher.