-2

I'm trying to decrypt using the following function, but I keep getting the same encrypted string.

What would be the reason for this? 

    NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];

    const void *vEncryptedText = [data bytes];
    size_t encryptedTextBufferSize = [data length];
    CCCryptorStatus ccStatus;
    uint8_t *bufferPtr = NULL;
    size_t bufferPtrSize = 0;
    size_t movedBytes = 0;
    bufferPtrSize = (encryptedTextBufferSize + kCCBlockSize3DES) & ~(kCCBlockSize3DES - 1);
    bufferPtr = malloc( bufferPtrSize * sizeof(uint8_t));
    memset((void *)bufferPtr, 0x0, bufferPtrSize);

    const void *vkey = (const void *) [@"123456789012345678901234" UTF8String];

    ccStatus = CCCrypt(kCCDecrypt,
                       kCCAlgorithm3DES,
                       kCCOptionECBMode | kCCOptionPKCS7Padding,
                       vkey,
                       kCCKeySize3DES,
                       NULL,
                       vEncryptedText,
                       encryptedTextBufferSize,
                       (void *)bufferPtr,
                       bufferPtrSize,
                       &movedBytes);

    NSData *myData = [NSData dataWithBytes:(const void *)bufferPtr length:(NSUInteger)movedBytes];
    return [myData base64EncodedStringWithOptions:0];

Update:

I've changed data to:

NSData *data = [[NSData alloc] initWithBase64EncodedString:string options:0];

Still no luck. I'm getting the same output string as the input encrypted string.

I've solved the issue by returning:

return [[NSString alloc] initWithData:data encoding:NSUTF8StringEncoding];
Joe Vitamins
  • 63
  • 6
  • 1
    What does ccStatus say after the decrypt attempt? – Putz1103 Aug 16 '16 at 13:25
  • It is best not to use 3DES, it is superseded by AES. Do not use ECB mode, it is insecure, see [ECB mode](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Electronic_Codebook_.28ECB.29), scroll down to the Penguin. – zaph Aug 16 '16 at 13:51
  • If you want help you need to provide sample input and output in hexadecimal. The decryption code is itself not incorrect with the exception of a missing method line to balance the return statement. – zaph Aug 16 '16 at 14:15
  • ccStatus is kCCSuccess, I'll add a sample output and input.. – Joe Vitamins Aug 16 '16 at 14:16
  • CCStatus does not indicate if the decryption is correct, only that there is no error in the parameters, that is programming errors. – zaph Aug 16 '16 at 14:18
  • The encrypted string is base64 encoded, could that be the issue? – Joe Vitamins Aug 16 '16 at 14:20
  • Sorry, I had changed the variable name. It's the same. – Joe Vitamins Aug 16 '16 at 14:24

1 Answers1

1

It is virtually impossible for encrypted data to be a valid UTF-8 encoded string, encrypted data is an array or 8-bit bytes that will appear to be random.

Thus the first line:
NSData *data = [string dataUsingEncoding:NSUTF8StringEncoding];
is incorrect. If the encrypted data is indeed a UTF-8 string it has been encoded to probably Base64 or Hexadecimal.

zaph
  • 111,848
  • 21
  • 189
  • 228