0

I have appended the IV to the AES Encryption/decryption code by using objective c in iOS and able to decrypt and encrypt the same. Right now I am trying to add the salt to the AES Encryption but unfortunately its not working for me.

User1075
  • 819
  • 15
  • 36

1 Answers1

1

You're stretching your encryption key, but you're not stretching your decryption key. The decryption code never calls AESKeyForPassword, and I don't see anywhere that you store the salt to send it to the decryptor (the way you send the IV to the decryptor). You can't just apply PBKDF2 to one side. That gives you completely different keys.

Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • Hello Sir I was eagerly waiting for you yes I haven't used in the decrypt function. Can you please help me to rectify my code? – User1075 Nov 04 '20 at 14:24
  • I have made an edit and I am performing the operations from the view controllers now. Can you please check? – User1075 Nov 04 '20 at 14:31
  • Can I store and send the salt the same way as the IV? Please tell how to do that.. It would be a great help for me – User1075 Nov 04 '20 at 14:34
  • Yes, you need to include the salt it in dataOut, precisely as you are already doing with IV. But if you don't need to match any particular format, use RNCryptor. It already does all of this for you in a single call, and includes authentication to ensure the encrypted data wasn't modified. https://github.com/RNCryptor/RNCryptor – Rob Napier Nov 04 '20 at 15:09
  • Thanks Again can you please explain how to include the dataOut. Yes I have been to RNCryptor but since android guys are facing issues I decided to design my own class. Please explain how to include salt in dataOut or you can help me with sample code...kindly please consider this request – User1075 Nov 04 '20 at 15:11
  • And yes I need to follow a particular format i.e first 16 - salt then IV then encrypted code. Please help me in the current code – User1075 Nov 04 '20 at 15:17
  • RNCryptor is available on Android: https://github.com/RNCryptor/JNCryptor Designing your own format is tricky and error prone. I can't review this code today. I may be able to look at it later this week. – Rob Napier Nov 04 '20 at 15:22
  • "Android is not a tested nor supported platform for JNCryptor and there are no plans to address these performance issues" I guess the library has some problem .. yes if you are able to look at the issue later this week then it will be helpful for me :) – User1075 Nov 04 '20 at 15:24
  • That library works, but it's slow. As it notes, the faster implementation is https://github.com/TGIO/RNCryptorNative But I'll try to look at this later this week – Rob Napier Nov 04 '20 at 17:05
  • thanks a lot... But I guess they are not going to accept it.. So I have to work with my own class. Lets see what happens – User1075 Nov 04 '20 at 17:09
  • Hi Rob as per Android they are continued to user their own class so can you please help me with Salt binding with IV plus CYPHERTEXT ? The format is [0-16] salt , [16-32] IV and [32 - length] cypher text ... the problem is if I just generate ( RANDOM IV + Cypher text ) it’s working for both android and iOS but if I salt I can’t get decrypted value – User1075 Nov 05 '20 at 11:27
  • Hey rob did you get any chance to look at this code ? – User1075 Nov 08 '20 at 10:37