CommonCrypto to generate encrypted string with 16 char length

Question

It is the first time I try to use encryption so I am not sure if what I need is achievable with the following code.

MY PROBLEM - I need it to generate an encoded string with 16 characters instead of the 64 character that is being generated at the moment.

I have a preference for using a native swift library instead of an external framework. And because of that could not find much about how to use CommonCrypto. Not sure if it is correct approach as well.

Where I got the example

http://sketchytech.blogspot.co.nz/2016/02/resurrecting-commoncrypto-in-swift-for.html

My usage

let keyString = "1234567812345678"
    let message = "12345678123456781234567812345678"
    let iv = "iv-salt-string--" // string of 16 characters in length

    let encoded = message.aesEncrypt(keyString, iv: iv)!
    print("encoded -> \(encoded)")

    let unencode = encoded.aesDecrypt(keyString, iv: iv)!
    print("unencode -> \(unencode)")

Output

encoded -> S81qV6F31xO8mUA1+HhsF7pHOMeE0f6Bbcmj3Zzk3EFLhQTCmfYlouorrUkYKL6K
unencode -> 12345678123456781234567812345678

Extension

extension String {

    func aesEncrypt(key:String, iv:String, options:Int = kCCOptionPKCS7Padding) -> String? {
        if let keyData = key.dataUsingEncoding(NSUTF8StringEncoding),
            data = self.dataUsingEncoding(NSUTF8StringEncoding),
            cryptData    = NSMutableData(length: Int((data.length)) + kCCBlockSizeAES128) {


                let keyLength              = size_t(kCCKeySizeAES128)
                let operation: CCOperation = UInt32(kCCEncrypt)
                let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
                let options:   CCOptions   = UInt32(options)



                var numBytesEncrypted :size_t = 0

                let cryptStatus = CCCrypt(operation,
                    algoritm,
                    options,
                    keyData.bytes, keyLength,
                    iv,
                    data.bytes, data.length,
                    cryptData.mutableBytes, cryptData.length,
                    &numBytesEncrypted)

                if UInt32(cryptStatus) == UInt32(kCCSuccess) {
                    cryptData.length = Int(numBytesEncrypted)
                    let base64cryptString = cryptData.base64EncodedStringWithOptions(.Encoding64CharacterLineLength)
                    return base64cryptString


                }
                else {
                    return nil
                }
        }
        return nil
    }

    func aesDecrypt(key:String, iv:String, options:Int = kCCOptionPKCS7Padding) -> String? {
        if let keyData = key.dataUsingEncoding(NSUTF8StringEncoding),
            data = NSData(base64EncodedString: self, options: .IgnoreUnknownCharacters),
            cryptData    = NSMutableData(length: Int((data.length)) + kCCBlockSizeAES128) {

                let keyLength              = size_t(kCCKeySizeAES128)
                let operation: CCOperation = UInt32(kCCDecrypt)
                let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
                let options:   CCOptions   = UInt32(options)

                var numBytesEncrypted :size_t = 0

                let cryptStatus = CCCrypt(operation,
                    algoritm,
                    options,
                    keyData.bytes, keyLength,
                    iv,
                    data.bytes, data.length,
                    cryptData.mutableBytes, cryptData.length,
                    &numBytesEncrypted)

                if UInt32(cryptStatus) == UInt32(kCCSuccess) {
                    cryptData.length = Int(numBytesEncrypted)
                    let unencryptedMessage = String(data: cryptData, encoding:NSUTF8StringEncoding)
                    return unencryptedMessage
                }
                else {
                    return nil
                }
        }
        return nil
    }
}

zaph · Accepted Answer · 2016-02-25T23:54:51.237

You have 16 bytes of input after converting to data from hex. You specify PKCS#7 padding kCCOptionPKCS7Padding. If the data is an exact multiple of the block size PKCS#7 padding must add an entire block of padding to the data to be encrypted making 32-bytes of data. (That is because some padding must always be added and if there is no partial block the only way is to add a block of padding.) On decryption the 16-bytes of padding will be removed so you will get back 16-bytes of data.

See: PKCS#7 padding.

If the input data is always a multiple of the block size (16-bytes) then you do not need to add padding, so you do not need to supply the kCCOptionPKCS7Padding as an option.

score 0 · Answer 2 · answered Apr 27 '19 at 08:59

extension String {

func aesEncrypt(key:String, iv:String, options:Int = kCCOptionPKCS7Padding) -> String? {
    if let keyData = key.data(using: String.Encoding.utf8),
        let data = self.data(using: String.Encoding.utf8),
        let cryptData    = NSMutableData(length: Int((data.count)) + kCCBlockSizeAES128) {


        let keyLength              = size_t(kCCKeySizeAES128)
        let operation: CCOperation = UInt32(kCCEncrypt)
        let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
        let options:   CCOptions   = UInt32(options)



        var numBytesEncrypted :size_t = 0

        let cryptStatus = CCCrypt(operation,
                                  algoritm,
                                  options,
                                  (keyData as NSData).bytes, keyLength,
                                  iv,
                                  (data as NSData).bytes, data.count,
                                  cryptData.mutableBytes, cryptData.length,
                                  &numBytesEncrypted)

        if UInt32(cryptStatus) == UInt32(kCCSuccess) {
            cryptData.length = Int(numBytesEncrypted)
            let base64cryptString = cryptData.base64EncodedString(options: .lineLength64Characters)
            return base64cryptString


        }
        else {
            return nil
        }
    }
    return nil
}

func aesDecrypt(key:String, iv:String, options:Int = kCCOptionPKCS7Padding) -> String? {
    if let keyData = key.data(using: String.Encoding.utf8),
        let data = NSData(base64Encoded: self, options: .ignoreUnknownCharacters),
        let cryptData    = NSMutableData(length: Int((data.length)) + kCCBlockSizeAES128) {

        let keyLength              = size_t(kCCKeySizeAES128)
        let operation: CCOperation = UInt32(kCCDecrypt)
        let algoritm:  CCAlgorithm = UInt32(kCCAlgorithmAES128)
        let options:   CCOptions   = UInt32(options)

        var numBytesEncrypted :size_t = 0

        let cryptStatus = CCCrypt(operation,
                                  algoritm,
                                  options,
                                  (keyData as NSData).bytes, keyLength,
                                  iv,
                                  data.bytes, data.length,
                                  cryptData.mutableBytes, cryptData.length,
                                  &numBytesEncrypted)

        if UInt32(cryptStatus) == UInt32(kCCSuccess) {
            cryptData.length = Int(numBytesEncrypted)
            let unencryptedMessage = String(data: cryptData as Data, encoding:String.Encoding.utf8)
            return unencryptedMessage
        }
        else {
            return nil
        }
    }
    return nil
}


  }

Is this 16 bit of length

CommonCrypto to generate encrypted string with 16 char length

2 Answers2