2

Hi need to encrypt this string

NSString *iv = @"12345678910111211";
NSString *key = @"12345678910111211";

NSString *dataString2 = @"eJDRqD_1ME0:APA91bFRfuy6Xk0GMVHtFLKjw5eZnqoGQ7wdTYjXdLGPqOVGuApv_eaZQzHQmqhqTKN70mspUt6BpZFFnCGn4j2y0Ew-eS1SnghLQZNxNAbh9LSgCjviWGe2wwCCW132jqW5E_aaxL5g";

NSData *dataIn2 = [dataString2 dataUsingEncoding:NSUTF8StringEncoding];
NSData *result2 = [BBAES encryptedDataFromData:dataIn2 IV:ivData key:symKey options:0]; // result = 16bytes
NSData *hexaData2 = result2;
NSString *DataHexadecimalString2 = [hexaData2 hexadecimalString];
NSLog(@"Encrypted hexa  = %@", DataHexadecimalString2);

Output I am getting is:

6bd95973e91de1330e3195098104116b0f888533bfeb0f20edcbcdf66a9e5d79676b8b33b62c470454003dc5013d92efb191b1b07e320b1cff59874007191d72be18e8b2784dcfc8c2960b59879b9c14c42421105ac356d5bccc7ee0f70122f8c2a47743984ba453a02b82b7ddd770fd5284483d3581c818076f9c87569345ab558c2e286ceb1388d6444042ecb10d0ccb294488ed51c86de20b85b076bb2d85

Expected output is this:

6bd95973e91de1330e3195098104116b0f888533bfeb0f20edcbcdf66a9e5d79676b8b33b62c470454003dc5013d92efb191b1b07e320b1cff59874007191d72be18e8b2784dcfc8c2960b59879b9c14c42421105ac356d5bccc7ee0f70122f8c2a47743984ba453a02b82b7ddd770fd5284483d3581c818076f9c87569345ab558c2e286ceb1388d6444042ecb10d0c46530088a27a522ba365d6942a83ac41

Don't know what I am doing wrong. Can any one help me?

Improve this question
13
  • Hi Praveen, what you mean by expected output, is it shared with you by someone else who encrypted it from different platform like java or .net. Commented Feb 2, 2017 at 16:13
  • Ya i got that output from advance rest client @prasad when the php guy tries to decrypt the data he said he is receiving some special caracters Commented Feb 2, 2017 at 16:14
  • do you mean you are calling some web api and its giving this output in response? Commented Feb 2, 2017 at 16:16
  • 1
    have you set proper key size (refer BBAESKeySize) Commented Feb 2, 2017 at 16:26
  • 2
    It is best not to use mcrypt, it has been abandonware for nearly a decade now. It has therefore been deprecated and will be removed from the core and into PECL in PHP 7.2. It does not support standard PKCS#7 (née PKCS#5) padding, only non-standard null padding that can't even be used with binary data. mcrypt has many outstanding bugs dating back to 2003. Instead consider using defuse or RNCryptor, they provide a complete solution, are being maintained and is correct. Commented Feb 2, 2017 at 16:41

1 Answer 1

Reset to default
2

This is a great example of why not to use mcrypt.

The input string is 153 bytes, it will require padding to 160 bytes, either specify a padding option or there will be an error. In this case it looks like the encryption function just took whatever bytes followed the input in memory.

One solution is to specify PKCS#7 (née PKCS#5) padding.

Added information: mcrypt and null padding is being used, just add enough null bytes to the encrypted data to bring it up to an exact multiple of the block size (AES block size is 16-bytes).

You need to do two things:

1) Add trailing 0x00 bytes, in this example add 8:

NSString *dataString2 = @"eJDRqD_1ME0:APA91bFRfuy6Xk0GMVHtFLKjw5eZnqoGQ7wdTYjXdLGPqOVGuApv_eaZQzHQmqhqTKN70mspUt6BpZFFnCGn4j2y0Ew-eS1SnghLQZNxNAbh9LSgCjviWGe2wwCCW132jqW5E_aaxL5g\x00\x00\x00\x00\x00\x00\x00\x00";

2) In BBAES remove the PKCS#7 padding 

CCCryptorStatus status = CCCryptorCreate(operation, kCCAlgorithmAES128, kCCOptionPKCS7Padding, [key bytes], [key length], [iv bytes], &cryptor);

to

CCCryptorStatus status = CCCryptorCreate(operation, kCCAlgorithmAES128, 0, [key bytes], [key length], [iv bytes], &cryptor);

Just using Common Crypto (warning, no error checking in example):

NSData *ivData  = [@"0q1z2a3a4p5a6789" dataUsingEncoding:NSUTF8StringEncoding];
NSData *keyData = [@"9876a5p4a3a2z1q0" dataUsingEncoding:NSUTF8StringEncoding];
NSData *encryptedData = [@"eJDRqD_1ME0:APA91bFRfuy6Xk0GMVHtFLKjw5eZnqoGQ7wdTYjXdLGPqOVGuApv_eaZQzHQmqhqTKN70mspUt6BpZFFnCGn4j2y0Ew-eS1SnghLQZNxNAbh9LSgCjviWGe2wwCCW132jqW5E_aaxL5g\x00\x00\x00\x00\x00\x00\x00\x00" dataUsingEncoding:NSUTF8StringEncoding];

NSMutableData *plainData = [NSMutableData dataWithLength: encryptedData.length];
size_t movedBytes = 0;
CCCryptorStatus ccStatus;
ccStatus = CCCrypt(kCCEncrypt,
                   kCCAlgorithmAES128,
                   0, // Bad idea not to use PKCS#7 padding (kCCOptionPKCS7Padding)
                   keyData.bytes, kCCKeySizeAES128,
                   ivData.bytes,
                   encryptedData.bytes, encryptedData.length,
                   plainData.mutableBytes, plainData.length,
                   &movedBytes);

plainData.length = movedBytes;
NSLog(@"Data: \n%@",plainData);

You can of course add the null bytes with a code loop but the best is not to use mcrypt and use PKCS#7 (née PKCS#5) padding.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I liked it better before the spelling correction. :)
@matt Oh matt, matt, matt, what are we going to do with you. 🤣🤣🤣

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.