Decryption of base64 encoded data objective-C

Question

I have been working on this for a while, but can not find a way to tackle the problem. Hopefully one of you can tell me what I am missing.

I am using NSURLConnection to download base64 encoded data containing AES128 encrypted data. What I have is the key, see code, and the knowledge that the first 16 characters of the encrypted data is the IV. What I want is to decode the data and then decrypt it using the key and iv extracted. This is what I have so far:

    - (void) connectionDidFinishLoading:(NSURLConnection *) connection {
        NSLog(@"Succeeded! Downloaded %d bytes of data", downloadData.length);
        NSData *decoded_EncryptedData = [downloadData base64EncodedDataWithOptions:0];
        NSString *decoded_EncryptedString = [[NSString alloc] initWithData: decoded_EncryptedData encoding:NSUTF8StringEncoding];
        const void *key = @"0000000000000000000000000000000"; // key of length 32 char -> i know standard format for AES128 encryption is 16, maybe this requires 256 AES decryption
        const void *iv = (__bridge const void *)([decoded_EncryptedString substringWithRange:NSMakeRange(0,16)]);
        NSString *encryptedString = [decoded_EncryptedString substringWithRange:NSMakeRange(16, decoded_EncryptedString.length-16)];

        // Now I have no idea what needs to happen, but from online research I found it should be something like this:
        NSData encryptedData = [encryptedString dataUsingEncoding:NSUTF8StringEncoding]; // Writing it back into a data file
        // Find size of returned data
        size_t Size = encryptedData.length + kCCBlockSizeAES128;
        // Initialise returned data
        NSMutableData *decryptedData = [NSMutableData dataWithLength:Size];
        // allocate variable to numBytesDecrypted
        size_t numBytesDecrypted;

        CCCryptorStatus cryptStatus = CCCrypt(kCCDecrypt, kCCAlgorithmAES128, 0, KCCKeySizeAES128, iv,
                    [encryptedData bytes], [encryptedData length], [decryptedData bytes], [decryptedData length],
                    &numBytesDecrypted);

        // Now I test whether the decryption process was successful:
        if (cryptStatus == kCCSuccess) {
                NSLog(@"Successfully decrypted);
                NSString *decryptedString = [[NSString alloc] initWithData:decryptedData encoding: NSUTF8StringEncoding]; 
        }

    }

The above code does display Successfully decrypted, however the string return null and size 0. Could someone please help me solve this? I would be so grateful.

Kind regards, Lennaert

Answer 1

You have many problems.

1. You really need to know if the encryption is AES128 or AES256.

2. Encryption is data based, not string based. The conversion to a string decoded_EncryptedString is incorrect not should not be done.

3. The key is an issue, using a string is generally a bad idea, it is expected to be data bytes. Possibly the key is specified in hex so 32 hex characters would be 128 bits. If so conversion to data will be required.

4. 'iv' and encryptedString are strings but they should be data, this a result of 2 above.

5. The key is not passed to CCCrypt.

6. Padding is generally used since the data is rarely exactly a block size in length, you probably need to specify PKCS7 padding to CCCrypt. You need to know if padding was used and if so was it PKCS7, php for example uses non-standard padding.

7. If PKCS7 padding is used the result must be trimmed to the length based on the variable numBytesDecrypted. If some other padding is used that must be trimmed.

If you want more help please supply test data and the result.

Finally, try and check back more frequently.