iphone - AES-256 encryption on iOS not producing same result as openssl -


i have been looking , looking @ hours. desperately trying ios encrypt short piece of text using aes-256 encryption can decrypted openssl.

straight forward? nope.

the code i've found ios not compatible keys , ivs openssl, i've had adapt it, it's plainly not working.

so here code encrypt using... passing in string encrypt (datastring) string key (key) , string initialisation vector (iv)...

- (nsdata *)aes256encrypt:(nsstring *)datastring withkey:(nsstring *)key iv:(nsstring *)iv {      // 'key' should 32 bytes aes256, null-padded otherwise     //char keyptr[kcckeysizeaes256+1]; // room terminator (unused)     //bzero(keyptr, sizeof(keyptr)); // fill zeroes (for padding)      // fetch key data     //[key getcstring:keyptr maxlength:sizeof(keyptr) encoding:nsutf8stringencoding];      //nslog(@"keyptr: '%s'", keyptr);      nsdata *keydata = [key datausingencoding:nsutf8stringencoding];     nslog(@"keyptr: '%s'", keydata.bytes);     nsdata *datatoencrypt = [datastring datausingencoding:nsutf8stringencoding];     nsdata *ivdata = [iv datausingencoding:nsutf8stringencoding];      nsuinteger datalength = [datatoencrypt length];      //see doc: block ciphers, output size less or      //equal input size plus size of 1 block.     //that's why need add size of 1 block here     size_t buffersize = datalength + kccblocksizeaes128;     void *buffer = malloc(buffersize);      size_t numbytesencrypted = 0;     cccryptorstatus cryptstatus = cccrypt(kccencrypt, kccalgorithmaes128, kccoptionpkcs7padding,                                           keydata.bytes, kcckeysizeaes256,                                           ivdata.bytes, // initialisation vector                                           datatoencrypt.bytes,                                            datatoencrypt.length, /* input */                                           buffer, buffersize, /* output */                                           &numbytesencrypted);     if (cryptstatus == kccsuccess) {         //the returned nsdata takes ownership of buffer , free on deallocation         return [nsdata datawithbytesnocopy:buffer length:numbytesencrypted];     }      free(buffer); //free buffer;     return nil; }

for same string encode, not produce same value when using openssl same key , iv... e.g. command line:

openssl enc -aes-256-cbc -e -in secrets.txt -a -iv 0000 -k 0000 -p

secrets.txt text file containing string encrypted

this outputs this:

salt=3c66000000000000 key=0000000000000000000000000000000000000000000000000000000000000000 iv =00000000000000000000000000000000 qtmfgtaxbf8yyh27zdrciq==

and decrypt, opposite operation (assuming encrypted last line of data above in test.secrets.out)

openssl enc -aes-256-cbc -d -in test.secrets.out -a -iv 0000 -k 0000 -p  salt=3c66000000000000 key=0000000000000000000000000000000000000000000000000000000000000000 iv =00000000000000000000000000000000 < text of secrets.txt file >

now, if use key , iv of 4 chars, doesn't encode correctly in ios. if use full length key , iv, doesn't encode correctly either.

basically, check see if send piece of encrypted data right piece of data.

what missing?

some code i've looked through try find answer...

http://robnapier.net/blog/aes-commoncrypto-564

https://github.com/rnapier/rncryptor

http://pastie.org/426530

have searched extensively on here , cannot find answer.

any appreciated.

openssl has unique (read "not close standard, , not particularly secure") method converting passwords iv , key. if @ rnopensslcryptor, you'll see algorithm used:

// aes-128: // // key = md5(password + salt) // iv = md5(key + password + salt)  // // aes-256: // // hash0 = '' // hash1 = md5(hash0 + password + salt) // hash2 = md5(hash1 + password + salt) // hash3 = md5(hash2 + password + salt) // hash4 = md5(hash3 + password + salt) // // key = hash1 + hash2 // iv = hash3 + hash4 //  // file format: // // |salted___|<salt>|<ciphertext>| //

using rnopensslcryptor allows rncryptor support openssl format. in midst of reworking code on async branch support async operations, , branch doesn't yet support openssl, plan rework shortly (by mid-july 2012).

if want code implements own use, @ keyforpassword:salt: , ivforkey:password:salt:.

note the openssl file format has several security problems , don't recommend if can avoid it. not use kdf generate key, not have random iv should, , provides no hmac authentication. these security problems why designed different file format, hated creating "yet incompatible container."


Comments

Post a Comment

Popular posts from this blog

jquery - Invalid Assignment Left-Hand Side -

i trying assign class tag via jquery, resulting in error through firebug says "invalid assignment left-hand side" on fourth line below. <cfoutput> $('.pngfix a').each(function(index) { var hreflink = $(this).attr("href"); if (hreflink.tolowercase() = '../audio.cfm') { $(this).addclass('audioimg'); } }); </cfoutput> looking around online, looks syntax problem, don't seem see it... any tips? thanks if (hreflink.tolowercase() = '../audio.cfm') that attempts assign value, rather check equality. change = operator == .
Read more

java - Play! framework 2.0: How to display multiple image? -

i need display gallery of photos. here template: @(photos: list[photo]) @title = { <bold>gallery</bold> } @main(title,"photo"){ <ul class="thumbnails"> @for(photo <- photos) { <li class="span3"> <a href="#" class="thumbnail"> <img src="@photo.path" alt=""> </a> </li> } </ul> } and here controller method: public static result getphotos() { return ok(views.html.photo.gallery.render(photo.get())); } and here photo bean : @entity public class photo extends model { @id public long id; @required public string label; public string path; public photo(string path, string label) { this.path = path; this.label = label; } private static finder<long, photo> find = new finder<long, photo>( long.class, photo.class); public static list<phot...
Read more

gmail - Is there any documentation for read-only access to the Google Contacts API? -

i want read-only access user's google contacts. there stackoverflow member wanted this, , received following answer : yes, there is, use https://www.googleapis.com/auth/contacts.readonly scope , "view contacts". this exchange reference read-only access google contacts can find using google. simply using access token obtained attempt read usual google contacts api (i.e. https://www.google.com/m8/feeds ) fails insufficient permissions. similarly, using google contacts api on new target fails 404 errors (for example https://www.googleapis.com/auth/contacts.readonly/default/full ). is there documentation anywhere on how use api, or permissible way access google contacts api full read-write access?
Read more