0

I trying to write an encryption (AESCBC256) function based on CCCrypt and the CCCrypt is generating a random value.

for example, when I pass 1234567 to function it'll return "HlFP2rCmycZS1269Cm47Q==" or "TTuSJrBcsOmOCDHc5IQ8Dw==" for the same iv and Key.

here's the iv: b5f89591 and the key is : 366e9c1b4b2ed2b1daf751d7500aaa01

func encrypt(Value: String)->String{
    let keyData = keyString.data(using: .utf8, allowLossyConversion: false)!
    let iv = SecretKey.data(using: .utf8, allowLossyConversion: false)!
    let message       = SecretKey+Value
    let data = message.data(using: .utf8, allowLossyConversion: false)!
    let cryptData    = NSMutableData(length: Int(data.count) + kCCBlockSizeAES128)!
    let keyLength              = size_t(kCCKeySizeAES256)
    let operation: CCOperation = CCOperation(UInt32(kCCEncrypt))
    let algoritm:  CCAlgorithm = CCAlgorithm(UInt32(kCCAlgorithmAES128))
    let options:   CCOptions   = CCOptions(UInt32(kCCOptionPKCS7Padding))
    var numBytesEncrypted :size_t = 0
    let cryptStatus = CCCrypt(operation,
                              algoritm,
                              options,
                              keyData.withUnsafeBytes { (bytes: UnsafePointer<UInt8>) -> UnsafePointer<UInt8> in return bytes},
                              keyLength,
                              iv.withUnsafeBytes { (bytes: UnsafePointer<UInt8>) -> UnsafePointer<UInt8> in return bytes},
                              data.withUnsafeBytes { (bytes: UnsafePointer<UInt8>) -> UnsafePointer<UInt8> in return bytes},
                              data.count,
                              cryptData.mutableBytes, cryptData.length,
                              &numBytesEncrypted)

    if UInt32(cryptStatus) == UInt32(kCCSuccess) {
        cryptData.length = Int(numBytesEncrypted)
        return String(describing: cryptData.base64EncodedString(options: .lineLength64Characters))
    }else{
        return ""
    }
}
rmaddy
  • 314,917
  • 42
  • 532
  • 579
Amirhesam Rayatnia
  • 7
  • 3

1 Answers1

3

Your IV is the wrong length. It's 8 bytes long, but AES requires a 16 byte IV, so it's reading random data out of memory for the other 8 bytes.

Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • I work well with the simulator, did you know how Macintosh manage the memory, what're the other 8 bytes? is it 0x0 or 0xF or what? – Amirhesam Rayatnia Jun 12 '18 at 08:38
  • It can be absolutely anything (including crashing the process). Reading off the end of an array is undefined behavior. Anything could be there (and often is; mistakes exactly like this one are the cause of security bugs like Heartbleed that leak sensitive information that happened to be in that memory). You could get the same results repeatedly because it was all 0s, or you could get the same results repeatedly because the same steps happen each time, so the memory is always in the same non-0 state. (But the most common value is 0.) – Rob Napier Jun 12 '18 at 13:35
  • I fix the problem by add 8 more bytes to IV key, also, this code was helpful to me [CryptoCompatibility](https://developer.apple.com/library/archive/samplecode/CryptoCompatibility/) and this one [AES-128, AES-192, AES-256](https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf) – Amirhesam Rayatnia Jun 14 '18 at 08:51