ios - Using CommonCrypto with an IV but always returning nil -


i using commoncrypto cccryptorcreate decrypt message. using password , iv returns nil.

if use cccryptorcreate decrypt, don't use iv on during encryption on ruby side , don't use iv on obj-c decrypt side decryption works , can see message.

but if use iv on ruby , iv on obj-c side decryption ends nil message object.

i using encrypt in objective-c / decrypt in ruby using anything

obj-c method:

    - (nsdata *) decrypteddatausingalgorithm: (ccalgorithm) algorithm                                          key: (id) key      // data or string                         initializationvector: (id) iv       // data or string                                      options: (ccoptions) options                                        error: (cccryptorstatus *) error     {         cccryptorref cryptor = null;         cccryptorstatus status = kccsuccess;          nsparameterassert([key iskindofclass: [nsdata class]] || [key iskindofclass: [nsstring class]]);         nsparameterassert(iv == nil || [iv iskindofclass: [nsdata class]] || [iv iskindofclass: [nsstring class]]);          nsmutabledata * keydata, * ivdata;         if ( [key iskindofclass: [nsdata class]] )             keydata = (nsmutabledata *) [key mutablecopy];         else             keydata = [[key datausingencoding: nsutf8stringencoding] mutablecopy];          if ( [iv iskindofclass: [nsstring class]] )             ivdata = [[iv datausingencoding: nsutf8stringencoding] mutablecopy];         else             ivdata = (nsmutabledata *) [iv mutablecopy];    // data or nil          #if !__has_feature(objc_arc)             [keydata autorelease];             [ivdata autorelease];         #endif          // ensure correct lengths key , iv data, based on algorithms         fixkeylengths( algorithm, keydata, ivdata );          status = cccryptorcreate( kccdecrypt, algorithm, options,                                [keydata bytes], [keydata length], [ivdata bytes],                                &cryptor );          if ( status != kccsuccess )         {             if ( error != null )                 *error = status;             return ( nil );         }          nsdata * result = [self _runcryptor: cryptor result: &status];         if ( (result == nil) && (error != null) )             *error = status;          cccryptorrelease( cryptor );          return ( result );     }     === not work ==== nsdata * result = [self decrypteddatausingalgorithm: kccalgorithmaes128                                                 key: [[password datausingencoding:nsutf8stringencoding] sha256hash]                                initializationvector: [aniv datausingencoding:nsutf8stringencoding]                                             options: kccoptionpkcs7padding                                               error: &status];   === work === nsdata * result = [self decrypteddatausingalgorithm: kccalgorithmaes128                                                 key: [[password datausingencoding:nsutf8stringencoding] sha256hash]                                initializationvector: nil                                             options: kccoptionpkcs7padding                                               error: &status];

looks iv may different, ensure data bytes same , length correct.

you want cccrypt one-shot encryption.

from apple: cccrypt stateless, one-shot encrypt or decrypt operation. performs sequence of cccrytorcreate(), cccryptorupdate(), cccryptorfinal(), , cccryptorrelease().

since not using cccrypt have @ least add cccryptorfinal() example.

also note key , iv need correct size in bytes. using nsutf8stringencoding may not produce number of bytes expected if there characters require multiple byte encodings. note: "i" can encoded surrogate pair.

do not use password string without using pbkdf2 generate key.

consider using rncryptor unless know doing crypto.

here simple example code of one-shot encrypt/decrypy method
key , iv must required length.
encoding (base64, nsstring, etc) done outside of method.

+ (nsdata *)docipher:(nsdata *)datain                   iv:(nsdata *)iv                  key:(nsdata *)symmetrickey              context:(ccoperation)encryptordecrypt // kccencrypt or kccdecrypt                error:(nserror **)error {     cccryptorstatus ccstatus   = kccsuccess;     size_t          cryptbytes = 0;     nsmutabledata  *dataout    = [nsmutabledata datawithlength:datain.length + kccblocksizeaes128];      ccstatus = cccrypt( encryptordecrypt,                        kccalgorithmaes128,                        kccoptionpkcs7padding,                        symmetrickey.bytes,                         kcckeysizeaes128,                        iv.bytes,                        datain.bytes,                        datain.length,                        dataout.mutablebytes,                        dataout.length,                        &cryptbytes);      if (ccstatus == kccsuccess) {         dataout.length = cryptbytes;     }     else {         if (error) {             *error = [nserror errorwithdomain:@"kencryptionerror"                                          code:ccstatus                                      userinfo:nil];         }         dataout = nil;     }      return dataout; }

Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more