Develop Reference

Decrypting iOS with Objective c and SwiftUI

I am planning to implement the AES encryption in my application and for this I went through an informative tutorial by Rob Napier :
It was a wonderful read and I was able to encrypt few strings using :
USING ROB NAPIER RNCRYPTOR CLASS
NSString * const
kRNCryptManagerErrorDomain = #"net.robnapier.RNCryptManager";
const CCAlgorithm kAlgorithm = kCCAlgorithmAES128;
const NSUInteger kAlgorithmKeySize = kCCKeySizeAES128;
const NSUInteger kAlgorithmBlockSize = kCCBlockSizeAES128;
const NSUInteger kAlgorithmIVSize = kCCBlockSizeAES128;
const NSUInteger kPBKDFSaltSize = 8;
const NSUInteger kPBKDFRounds = 10000; // ~80ms on an iPhone 4
// ===================
+ (NSData *)encryptedDataForData:(NSData *)data
password:(NSString *)password
iv:(NSData **)iv
salt:(NSData **)salt
error:(NSError **)error {
NSAssert(iv, #"IV must not be NULL");
NSAssert(salt, #"salt must not be NULL");
*iv = [self randomDataOfLength:kAlgorithmIVSize];
*salt = [self randomDataOfLength:kPBKDFSaltSize];
NSData *key = [self AESKeyForPassword:password salt:*salt];
size_t outLength;
NSMutableData *
cipherData = [NSMutableData dataWithLength:data.length +
kAlgorithmBlockSize];
CCCryptorStatus
result = CCCrypt(kCCEncrypt, // operation
kAlgorithm, // Algorithm
kCCOptionPKCS7Padding, // options
key.bytes, // key
key.length, // keylength
(*iv).bytes,// iv
data.bytes, // dataIn
data.length, // dataInLength,
cipherData.mutableBytes, // dataOut
cipherData.length, // dataOutAvailable
&outLength); // dataOutMoved
if (result == kCCSuccess) {
cipherData.length = outLength;
}
else {
if (error) {
*error = [NSError errorWithDomain:kRNCryptManagerErrorDomain
code:result
userInfo:nil];
}
return nil;
}
return cipherData;
}
// ===================
+ (NSData *)randomDataOfLength:(size_t)length {
NSMutableData *data = [NSMutableData dataWithLength:length];
int result = SecRandomCopyBytes(kSecRandomDefault,
length,
data.mutableBytes);
NSAssert(result == 0, #"Unable to generate random bytes: %d",
errno);
return data;
}
// ===================
// Replace this with a 10,000 hash calls if you don't have CCKeyDerivationPBKDF
+ (NSData *)AESKeyForPassword:(NSString *)password
salt:(NSData *)salt {
NSMutableData *
derivedKey = [NSMutableData dataWithLength:kAlgorithmKeySize];
int
result = CCKeyDerivationPBKDF(kCCPBKDF2, // algorithm
password.UTF8String, // password
[password lengthOfBytesUsingEncoding:NSUTF8StringEncoding], // passwordLength
salt.bytes, // salt
salt.length, // saltLen
kCCPRFHmacAlgSHA1, // PRF
kPBKDFRounds, // rounds
derivedKey.mutableBytes, // derivedKey
derivedKey.length); // derivedKeyLen
// Do not log password here
NSAssert(result == kCCSuccess,
#"Unable to create AES key for password: %d", result);
return derivedKey;
}
But while decrypting I am not able to decrypt properly and I am getting null in the scenario: For your reference the decrypt code is :
+ (NSData*)decryptData:(NSData*)data key:(NSData*)key error:(NSError **)error
{
if (key.length != 16 && key.length != 24 && key.length != 32) {
*error = [NSError errorWithDomain:#"keyLengthError" code:-1 userInfo:nil];
return nil;
}
CCCryptorStatus ccStatus = kCCSuccess;
int ivLength = kCCBlockSizeAES128;
size_t clearBytes = 0;
NSMutableData *dataOut = [NSMutableData dataWithLength:data.length - ivLength];
NSLog(#"Data Out String Decrypt%#", dataOut);
ccStatus = CCCrypt(kCCDecrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding,
key.bytes,
key.length,
data.bytes,
data.bytes + ivLength,
data.length - ivLength,
dataOut.mutableBytes,
dataOut.length,
&clearBytes);
if (ccStatus == kCCSuccess) {
dataOut.length = clearBytes;
}
else {
if (error) {
*error = [NSError errorWithDomain:#"kEncryptionError" code:ccStatus userInfo:nil];
}
dataOut = nil;
}
return dataOut;
}
Where I am getting wrong in this scenario? I have been trying for few days to sort it out. Can someone please help me?

the method given in the example you mentioned refers Rob Napiers Github Repo.
Just testet it with your given password, salt, etc.. and it just works!
Yes understood, you want to throw out password: and iv: as well the salt: parameter when decrypting and go only with key:. Well you need at least iv: to do that. But again as Rob commented to your other question, don't re-invent the wheel.
The method i linked above is just working fine with your parameters for decrypting. The only difference to your code is that password, iv and salt are given to decrypt.
apart from the idea you want to develop something that can decrypt without a password you will have to digg deeper into how CCKeyDerivationPBKDF() (CommonKeyDerivation.h) is working.
Edit: As you asked to have a way to pack and unpack your salt, iv and cypher thats pretty simple with NSData.
+ (NSData *)packWithSalt:(NSData*)salt IV:(NSData*)iv Cypher:(NSData*)tocypher {
//adding Salt + IV + Cipher text
NSMutableData *combi = [NSMutableData data];
//[combi appendBytes:salt.bytes length:16];
//[combi appendBytes:iv.bytes length:16]; //16
//[combi appendBytes:tocypher.bytes length:tocypher.length];
[combi appendData:salt];
[combi appendData:iv];
[combi appendData:tocypher];
return combi;
}
+ (NSData*)cypherUnpackToSalt:(NSMutableData**)salt andIV:(NSMutableData**)iv fromPackData:(NSData*)pack {
void *sBuff[16] = {};
void *iBuff[16] = {};
NSUInteger len = pack.length - 16 - 16; //keep length flexible
void *pBuff = malloc(sizeof(Byte)*len); //needs dynamically size of buff
[pack getBytes:sBuff range:NSMakeRange(0, 16)];
[pack getBytes:iBuff range:NSMakeRange(16, 32)];
[pack getBytes:pBuff range:NSMakeRange(32, len)];
[(*salt) replaceBytesInRange:NSMakeRange(0, 16) withBytes:sBuff];
[(*iv) replaceBytesInRange:NSMakeRange(0, 16) withBytes:iBuff];
NSMutableData *unpack = [NSMutableData dataWithLength:len];
[unpack replaceBytesInRange:NSMakeRange(0, len) withBytes:pBuff];
free(pBuff);
return unpack;
}
it should be pretty simple to integrate the encryption and decryption from these two methods.
Proof of concept: Can we pack all together? and Unpack again?
NSData *salt = [CryptAES randomDataOfLength:16];
NSData *iv = [CryptAES randomDataOfLength:16];
NSData *chunk = [CryptAES packWithSalt:salt IV:iv Cypher:plaintextData];
NSLog(#"salt=%# iv=%# pack=%# ",[salt base64EncodedStringWithOptions:0], [iv base64EncodedStringWithOptions:0], [chunk base64EncodedStringWithOptions:0] );
NSMutableData *unSalt = [NSMutableData dataWithLength:16];
NSMutableData *unIv = [NSMutableData dataWithLength:16];
NSData *unchunk = [CryptAES cypherUnpackToSalt:&unSalt andIV:&unIv fromPackData:chunk];
NSString *plainAgain = [[NSString alloc] initWithData:unchunk encoding:NSUTF8StringEncoding];
NSLog(#"salt=%# iv=%# unpack=%#",[unSalt base64EncodedStringWithOptions:0], [unIv base64EncodedStringWithOptions:0], plainAgain );
So your decryption method will still need parameters for a password.
Which is not perfect but as you should never throw around encrypted data together with its password - that should be ok - you just keep the handling of a password on the user side. I mean otherwise the whole encryption is useless!

Objective c RSA with OAEP padding sha256 prior ios 10

I am working on an encryption method in the iPhone with the RSA encryption method, so far i could achieve getting the encryption string with this method, the string is successfully decrypted by the server.
SecKeyRef keyRef = [self addPublicKey:pubKey];
SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionOAEPSHA256;
if (!keyRef) {
return nil;
}
BOOL canEncrypt = SecKeyIsAlgorithmSupported(keyRef, kSecKeyOperationTypeEncrypt, algorithm);
if (canEncrypt) {
CFErrorRef error = NULL;
NSData *encryptedData = (NSData *)CFBridgingRelease(
SecKeyCreateEncryptedData(keyRef, algorithm, (__bridge CFDataRef) content, &error)
);
if (encryptedData) {
return encryptedData;
}else{
NSError *err = CFBridgingRelease(error);
NSLog(#"Ocurrió un error %#", err.localizedDescription);
return nil;
}
}
This method works for ios 10 and newer, what i need is to know how to set the algorithm in prior ios versions, my code is the following
SecKeyRef keyRef = [self addPublicKey:pubKey];
if (!keyRef) {
return nil;
}
size_t cipherBufferSize = SecKeyGetBlockSize(keyRef);
uint8_t *cipherBuffer = malloc(cipherBufferSize * sizeof(uint8_t));
memset((void *)cipherBuffer, 0*0, cipherBufferSize);
NSData *plainTextBytes = content;
size_t blockSize = cipherBufferSize - 11;
size_t blockCount = (size_t)ceil([plainTextBytes length] / (double)blockSize);
NSMutableData *encryptedData = [NSMutableData dataWithCapacity:0];
for (int i=0; i<blockCount; i++) {
int bufferSize = (int)MIN(blockSize,[plainTextBytes length] - i * blockSize);
NSData *buffer = [plainTextBytes subdataWithRange:NSMakeRange(i * blockSize, bufferSize)];
OSStatus status = SecKeyEncrypt(keyRef,
kSecPaddingOAEP,
(const uint8_t *)[buffer bytes],
[buffer length],
cipherBuffer,
&cipherBufferSize);
if (status == noErr){
NSData *encryptedBytes = [NSData dataWithBytes:(const void *)cipherBuffer length:cipherBufferSize];
[encryptedData appendData:encryptedBytes];
}else{
if (cipherBuffer) {
free(cipherBuffer);
}
return nil;
}
}
if (cipherBuffer) free(cipherBuffer);
So far i can see that in the version of ios 10 you can set the algorithm with this line
SecKeyAlgorithm algorithm = kSecKeyAlgorithmRSAEncryptionOAEPSHA256;
my question is, how do i get that algorithm in the early version of ios, the second code i post can't be decrypted.
Thanks for your help

If you are using OAEP padding with SecKeyEncrypt, you can only use kSecPaddingOAEP, which is SHA1. Unfortunately you cannot use OAEP SHA256 with SecKeyEncrypt.

AES/cbc/pkcs5padding encription IOS

I have used AES algorithm for encryption in android.
The following code we have used for encryption.
String seed = "somekey";
Key key = null;
// 128 bit key
byte[] byteKey = seed.substring(0, 16).getBytes("UTF-8");
key = new SecretKeySpec(byteKey, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(
new byte[16]));
byte[] encValue = cipher.doFinal(pValue.getBytes());
encryptedText = new BASE64Encoder().encode(encValue);
Can any one please provide the above logic for IOS.
Thanking in Advance.

It works both on android with:
#define FBENCRYPT_KEY_SIZE kCCKeySizeAES128
instead:
#define FBENCRYPT_KEY_SIZE kCCKeySizeAES256

You can use the following snippet as start point:
+ (NSData*)encryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
{
NSData* result = nil;
// setup key
unsigned char cKey[FBENCRYPT_KEY_SIZE];
bzero(cKey, sizeof(cKey));
[key getBytes:cKey length:FBENCRYPT_KEY_SIZE];
// setup iv
char cIv[FBENCRYPT_BLOCK_SIZE];
bzero(cIv, FBENCRYPT_BLOCK_SIZE);
if (iv) {
[iv getBytes:cIv length:FBENCRYPT_BLOCK_SIZE];
}
// setup output buffer
size_t bufferSize = [data length] + FBENCRYPT_BLOCK_SIZE;
void *buffer = malloc(bufferSize);
// do encrypt
size_t encryptedSize = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
FBENCRYPT_ALGORITHM,
kCCOptionPKCS7Padding,
cKey,
FBENCRYPT_KEY_SIZE,
cIv,
[data bytes],
[data length],
buffer,
bufferSize,
&encryptedSize);
if (cryptStatus == kCCSuccess) {
result = [NSData dataWithBytesNoCopy:buffer length:encryptedSize];
} else {
free(buffer);
NSLog(#"[ERROR] failed to encrypt|CCCryptoStatus: %d", cryptStatus);
}
return result;
}
+ (NSData*)decryptData:(NSData*)data key:(NSData*)key iv:(NSData*)iv;
{
NSData* result = nil;
// setup key
unsigned char cKey[FBENCRYPT_KEY_SIZE];
bzero(cKey, sizeof(cKey));
[key getBytes:cKey length:FBENCRYPT_KEY_SIZE];
// setup iv
char cIv[FBENCRYPT_BLOCK_SIZE];
bzero(cIv, FBENCRYPT_BLOCK_SIZE);
if (iv) {
[iv getBytes:cIv length:FBENCRYPT_BLOCK_SIZE];
}
// setup output buffer
size_t bufferSize = [data length] + FBENCRYPT_BLOCK_SIZE;
void *buffer = malloc(bufferSize);
// do decrypt
size_t decryptedSize = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt,
FBENCRYPT_ALGORITHM,
kCCOptionPKCS7Padding,
cKey,
FBENCRYPT_KEY_SIZE,
cIv,
[data bytes],
[data length],
buffer,
bufferSize,
&decryptedSize);
if (cryptStatus == kCCSuccess) {
result = [NSData dataWithBytesNoCopy:buffer length:decryptedSize];
} else {
free(buffer);
NSLog(#"[ERROR] failed to decrypt| CCCryptoStatus: %d", cryptStatus);
}
return result;
}
Constants
#define FBENCRYPT_ALGORITHM kCCAlgorithmAES128
#define FBENCRYPT_BLOCK_SIZE kCCBlockSizeAES128
#define FBENCRYPT_KEY_SIZE kCCKeySizeAES256
For more information, see FBEncryptor
Hope this helps.

Since AES has a bock size of 16-bytes PKCS#7Padding is required. Some earlier AES library implementers specified PKCS#5Padding in error.
PKCS#5Padding is only specified for a block size up to 8-bytes and PKCS#7Padding is specified for a block size up to 255-bytes. See Wikipedia: Padding. IOW PKCS#7Padding can be used in place of PKCS#5Padding.

CCCrypto decrypt: exactly one block less

I'm trying to decrypt string encrypted by golang script. The encryption is CBC, key size 256. 16 bytes long iv is include at the beginning of ciphered text, as golang doc suggested. Everything works fine except the objc codes always lost the last block. e.g. when I expect 80 bytes return but only get 64, expect 128 but get 112. any advice? thanks!
golang code
func encrypt(text_s, key_s string) byte[] {
text := []byte(text_s)
// padding text
n := aes.BlockSize - (len(text) % aes.BlockSize)
log.Println("Need to pad:", n)
if n != aes.BlockSize || n != 0 {
text = append([]byte(strings.Repeat(" ", n)), text...)
}
log.Println("to encrypt:'", string(text), "'")
log.Println("padded length:", len(text))
key := []byte(key_s)[:32]
block, _ := aes.NewCipher(key)
// if err != nil {
// panic(err)
// }
ret := make([]byte, aes.BlockSize + len(text))
iv := ret[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err)
}
cbc := cipher.NewCBCEncrypter(block, iv)
cbc.CryptBlocks(ret[aes.BlockSize:], text)
return ret
}
objc codes:
- (NSData *)decrypt:(NSData*)data{
if (!key) {
key = [[_token substringToIndex:32] dataUsingEncoding:NSUTF8StringEncoding];
}
// NSLog(#"decodbase64 :%#",[[NSString alloc] initWithData:data encoding:NSASCIIStringEncoding]);
// NSString *key = _token;
//
// char keyPtr[kCCKeySizeAES256 + 1]; // room for terminator (unused)
// 'key' should be 32 bytes for AES256, will be null-padded otherwise
// bzero(keyPtr, sizeof(keyPtr)); // fill with zeroes (for padding)
// BOOL patchNeeded = ([_token length] > kCCKeySizeAES256);
// NSLog(#"need patch? %#", patchNeeded ? #"YES": #"NO");
//
// if (patchNeeded) {
// key = [_token substringToIndex:kCCKeySizeAES256]; // Ensure that the key isn't longer than what's needed (kCCKeySizeAES256)
// }
// fetch key data
// [key getCString:keyPtr maxLength:sizeof(keyPtr) encoding:NSASCIIStringEncoding];
// if (patchNeeded) {
// // Previous iOS version than iOS7 set the first char to '\0' if the key was longer than kCCKeySizeAES256
// keyPtr[0] = '\0';
// }
size_t dataLength = [data length] - kCCBlockSizeAES128;
NSData *iv = [data subdataWithRange:NSMakeRange(0, kCCBlockSizeAES128)];
NSData *encrypted = [data subdataWithRange:NSMakeRange(kCCBlockSizeAES128, dataLength)];
//See the doc: For block ciphers, the output size will always be less than or
//equal to the input size plus the size of one block.
//That's why we need to add the size of one block here
// size_t bufferSize = dataLength + kCCBlockSizeAES128;
// void *buffer = malloc(dataLength);
NSMutableData *ret = [NSMutableData dataWithLength:dataLength + kCCBlockSizeAES128];
size_t numBytesDecrypted = 0;
CCCryptorStatus status = CCCrypt(kCCDecrypt, kCCAlgorithmAES,
kCCOptionPKCS7Padding,
[key bytes],
kCCKeySizeAES256,
[iv bytes],
[encrypted bytes], dataLength, /* input */
[ret mutableBytes], [ret length], /* output */
&numBytesDecrypted
);
NSLog(#"err: %d", status);
NSLog(#"dataLength: %d, num: %d", (int)dataLength, (int)numBytesDecrypted);
if (status == kCCSuccess) {
//the returned NSData takes ownership of the buffer and will free it on deallocation
return ret;
}
// free(buffer); //free the buffer;
return nil;
}

it turns out the problem is with the decryption option:
CCCryptorStatus status = CCCrypt(kCCDecrypt, kCCAlgorithmAES,
0, // change to 0 solve the problem
[key bytes],
kCCKeySizeAES256,
[iv bytes],
[encrypted bytes], dataLength, /* input */
[ret mutableBytes], [ret length], /* output */
&numBytesDecrypted
);

3DES encryption using CFB8 and no padding in iOS?

I am developing an application which will send encrypted data to a server. The server uses 3des with CFB8 and no padding. I have read most of the related questions in stackoverflow but still unable to get it work. Been working on this for few days but still unable to get it to match with the server encryption. here is what i have tried-
+ (NSString*) doCipher:(NSString*)plainText operation:(CCOperation)encryptOrDecrypt {
const void *vplainText;
NSData* plainTextData;
size_t plainTextBufferSize;
if (encryptOrDecrypt == kCCDecrypt)
{
NSData *EncryptData =[NSData dataWithBase64EncodedString:plainText];
plainTextBufferSize = [EncryptData length];
vplainText = [EncryptData bytes];
}
else
{
plainTextData = [plainText dataUsingEncoding:NSUTF8StringEncoding];
plainTextBufferSize = [plainTextData length];
}
CCCryptorStatus ccStatus;
uint8_t *bufferPtr = NULL;
size_t bufferPtrSize = 0;
size_t movedBytes = 0;
uint8_t iv[kCCBlockSize3DES];
bufferPtrSize = (plainTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
memset((void *)bufferPtr, 0x0, bufferPtrSize);
memset((void *) iv, 0x0, (size_t) sizeof(iv));
const void *vkey = kPrivateKey;
unsigned char IV[8]={0,0,0,0,0,0,0,0};
ccStatus = CCCrypt(encryptOrDecrypt,
kCCAlgorithm3DES,
0,
[keyData bytes],
[key length],
IV,
[plainTextData bytes],
plainTextBufferSize,
(void *)bufferPtr,
bufferPtrSize,
&movedBytes);
if (ccStatus == kCCSuccess) NSLog(#"SUCCESS");
else if (ccStatus == kCCParamError) return #"PARAM ERROR";
else if (ccStatus == kCCBufferTooSmall) return #"BUFFER TOO SMALL";
else if (ccStatus == kCCMemoryFailure) return #"MEMORY FAILURE";
else if (ccStatus == kCCAlignmentError) return #"ALIGNMENT";
else if (ccStatus == kCCDecodeError) return #"DECODE ERROR";
else if (ccStatus == kCCUnimplemented) return #"UNIMPLEMENTED";
NSString *result;
if (encryptOrDecrypt == kCCDecrypt)
{
result = [[NSString alloc] initWithData: [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes] encoding:NSASCIIStringEncoding];
}
else
{
NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];
result = [myData base64EncodedString];
}
return result;
}
It seems CCOptions currently supports kCCOptionPKCS7Padding and kCCOptionECBMode.How to achieve 3des with CFB8 and no padding.Any suggestion would be appreciated.

EDIT: Sorry; I overlooked a key point previously. You're never asking for CFB8 mode. The default is CBC mode.
You can't use CCCrypt() for this. You have to use CCCryptorCreateWithMode() so you can pass the mode. Then call CCCryptorUpdate() with the data and CCCryptorFinal() to finish.
If you don't want padding, why are you requesting padding? Remove kCCOptionPKCS7Padding. If you don't want any options (which you appear not to), just pass 0.
CFB-8 takes an initialization vector. You've set it to all 0's. Is this what the server is using? (This is a very poor IV; the IV for CFB should be random, not fixed.)
These lines are dangerous:
plainTextBufferSize = [plainText length];
vplainText = (const void *) [plainText UTF8String];
This will truncate any multi-byte strings. The better solution to this is to create an NSData:
plainTextData = [self.plainText dataUsingEncoding:NSUTF8StringEncoding];
You can then use bytes and length on plainTextData.