AES algorithm implementation in iOS

Question

Hi all I am struggling in converting AES algorithm .net code to objective c. I go through different API's but results are always different .net code provided by client I am not a .net developer so i am struggling. Any suggestions or code snippet is appreciated .net code is as under.

 Public Function AES_Encrypt(ByVal input As String, ByVal pass As String) As String
            Dim AES As New System.Security.Cryptography.RijndaelManaged
            Dim Hash_AES As New System.Security.Cryptography.MD5CryptoServiceProvider
            Dim encrypted As String = ""
            Try
                Dim hash(31) As Byte
                Dim temp As Byte() =     Hash_AES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
                Array.Copy(temp, 0, hash, 0, 16)
                Array.Copy(temp, 0, hash, 15, 16)
                AES.Key = hash
                AES.Mode = Security.Cryptography.CipherMode.ECB
              Dim DESEncrypter As System.Security.Cryptography.ICryptoTransform = AES.CreateEncryptor
            Dim Buffer As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(input)
            encrypted = Convert.ToBase64String(DESEncrypter.TransformFinalBlock(Buffer, 0, Buffer.Length))
        Catch ex As Exception
        End Try
        Return encrypted
    End Function
 
 
 
    Public Function AES_Decrypt(ByVal input As String, ByVal pass As String) As String
        Dim AES As New System.Security.Cryptography.RijndaelManaged
        Dim Hash_AES As New System.Security.Cryptography.MD5CryptoServiceProvider
        Dim decrypted As String = ""
        Try
            Dim hash(31) As Byte
            Dim temp As Byte() = Hash_AES.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(pass))
            Array.Copy(temp, 0, hash, 0, 16)
            Array.Copy(temp, 0, hash, 15, 16)
            AES.Key = hash
            AES.Mode = Security.Cryptography.CipherMode.ECB
            Dim DESDecrypter As System.Security.Cryptography.ICryptoTransform = AES.CreateDecryptor
            Dim Buffer As Byte() = Convert.FromBase64String(input)
            decrypted = System.Text.ASCIIEncoding.ASCII.GetString(DESDecrypter.TransformFinalBlock(Buffer, 0, Buffer.Length))
 
        Catch ex As Exception
        End Try
        Return decrypted
    End Function*

Why are you in charge of developing encryption software you simply dont understand? — deleted_user, Sep 01 '12 at 11:38
This code is very popular among .net developers http://stackoverflow.com/questions/5987186/aes-encrypt-string-in-vb-net so i am wondering may be some one who already done this in objective c may share his thoughts. — khurram shahzad, Sep 01 '12 at 12:31
This .NET code is very broken. It's using ECB mode, which should never be used for this kind of data, and has a weak password-to-key algorithm. Did you have other options you found that weren't so insecure? While possible to convert to ObjC, I would find better code first. — Rob Napier, Sep 03 '12 at 00:03
@RobNapier thanks for your help. i know ECB is insecure but our client is using this code on his server so we have to implement this. Moreover, this code is working i checked that my self. — khurram shahzad, Sep 03 '12 at 09:24
By "broken" I meant extremely insecure, not that it would not convert data back and forth. — Rob Napier, Sep 03 '12 at 13:19
@RobNapier my apology if i misunderstood you. Now scenario is this client is using above code we can't enforce him to change it. So do you have some recommendation about above code? so i will able to convert it in objective c — khurram shahzad, Sep 03 '12 at 13:57
You should start by informing the client of the security problems with this code unless there is a specific reason they are using it. We don't have to force clients to do things in order to at least inform them of problems. I can convert this to ObjC, but I will not do that here. Other people may copy it and it should not be used. People copying the insecure .NET code is what caused this problem in the first place. If you get stuck, you may contact me at the email address on my profile and we can discuss a consulting agreement. — Rob Napier, Sep 03 '12 at 14:19

score 3 · Accepted Answer · answered Sep 02 '12 at 07:28

In iOS, you can the CommonCrypto API :

size_t numBytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                      keyPtr, keySize,
                                      NULL /* initialization vector (optional) */,
                                      [someData bytes], dataLength, /* input */
                                      buffer, bufferSize, /* output */
                                      &numBytesEncrypted);
if (cryptStatus == kCCSuccess) {
    //the returned NSData takes ownership of the buffer and will free it on deallocation
    return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
}

And to decrypt :

size_t numBytesDecrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, kCCOptionPKCS7Padding,
                                      keyPtr, keySize,
                                      NULL /* initialization vector (optional) */,
                                      [self bytes], dataLength, /* input */
                                      buffer, bufferSize, /* output */
                                      &numBytesDecrypted);

if (cryptStatus == kCCSuccess) {
    //the returned NSData takes ownership of the buffer and will free it on deallocation
    return [NSData dataWithBytesNoCopy:buffer length:numBytesDecrypted];
}

Thanks for your code. I implemented no of API's but no luck so far. Can you please provide little bit explanation of above so i may can map that with above .net code? — khurram shahzad, Sep 03 '12 at 09:26

AES algorithm implementation in iOS

1 Answers1