0

How to decrypt a text got as a response from the server.

I have the below parameters that was used to encrypt the string with Rijndael AES algorithm.

passPhrase = "Jxy37Kn@" saltValue = "M9!1lj5" hashAlgorithm = "SHA1" passwordIterations = 2 //Integer initVector = "@1B2c3D4e5F6g7H8" keySize = 256 //Integer

The text that I get from the server is jp9VG27FQYXh+Uvkc9meFw==

Can someone please help me to decrypt the above text in iOS by pointing to some sample code.

I use the below code

const CCAlgorithm kAlgorithm = kCCAlgorithmAES128;
const NSUInteger kAlgorithmKeySize = kCCKeySizeAES256;
const NSUInteger kAlgorithmBlockSize = kCCBlockSizeAES128;
const NSUInteger kPBKDFRounds = 2;

- (NSData *)AESKeyForPassword:(NSString *)password
                     salt:(NSData *)salt {

NSMutableData *derivedKey = [NSMutableData dataWithLength:kAlgorithmKeySize];

int result = CCKeyDerivationPBKDF(kCCPBKDF2,        // algorithm
                              password.UTF8String,  // password
                              password.length,      // passwordLength
                              salt.bytes,           // salt
                              salt.length,          // saltLen
                              kCCPRFHmacAlgSHA1,  // PRF
                              kPBKDFRounds,         // rounds
                              derivedKey.mutableBytes, // derivedKey
                              derivedKey.length);   // derivedKeyLen

// Do not log password here
NSAssert(result == kCCSuccess,
         @"Unable to create AES key for password: %d", result);

return derivedKey;
}

- (void) decryptText
{
NSData *data = [NSData dataFromBase64String:@"jp9VG27FQYXh+Uvkc9meFw=="];
NSData *iv = [@"@1B2c3D4e5F6g7H8" dataUsingEncoding:NSUTF8StringEncoding];
NSData *salt = [@"M9!1lj5" dataUsingEncoding:NSUTF8StringEncoding];

NSData *key = [self AESKeyForPassword:@"Jxy37Kn@" salt:salt];

size_t outLength;
NSMutableData *cipherData = [NSMutableData dataWithLength:data.length + kAlgorithmBlockSize];

CCCryptorStatus result = CCCrypt(kCCDecrypt, // operation
                 kAlgorithm, // Algorithm
                 kCCOptionECBMode, // options
                 key.bytes, // key
                 key.length, // keylength
                 iv.bytes,// iv
                 data.bytes, // dataIn
                 data.length, // dataInLength,
                 cipherData.mutableBytes, // dataOut
                 cipherData.length, // dataOutAvailable
                 &outLength); // dataOutMoved

if (result == kCCSuccess) {
    cipherData.length = outLength;
}
else {

}

NSString *apptStr = [[NSString alloc] initWithData:cipherData encoding:NSASCIIStringEncoding];
NSLog(@"apptStr:%@",apptStr);

}

I get this after decrypt "#Ï¢K´xÞ#É¢ç" which I believe is incorrect. What am I missing here??

Ganesh Nayak
  • 802
  • 11
  • 38
  • Rijndael is not DES. They are completely different algorithms. Please figure out which one you mean. – zindorsky Sep 03 '13 at 15:32
  • Hi Zindorsky please see my edited question – Ganesh Nayak Sep 03 '13 at 16:57
  • Couple of things: 1. You say that you believe your result to be correct. Did you mean incorrect? If so, what result do you expect? It's hard to know what you need if you don't know that. 2. What mode of encryption is expected? You're code is using ECB, but you are also providing an IV. ECB doesn't use an IV. Maybe find out the mode. 3. Your specifications say that the key is 256 bits, but you have `kAlgorithm` set to `kCCAlgorithmAES128`. 4. The question is still tagged `des` even though there is nothing to do with `des` here. – zindorsky Sep 03 '13 at 19:31
  • @GaneshNayak, can u please help me on http://stackoverflow.com/questions/43548383/why-got-different-result-of-encryption-for-same-string-in-c-sharp-and-ios-using this question. it is related to Rijndael and aes. – Vinod Jadhav Apr 24 '17 at 03:42

1 Answers1

0

You should not be decrypting sha1 hashes. They are designed to be one way encryptions! Rather, if you need passwords, let's say for authentication, you should have users enter password information, and then send it to the server where the server then hashes the text. It should then check the password you sent to the server (now hashed) against the version you had previously hashed before and return to your app a "success" message if it works. Since sha1 is consistently the same algorithm, it should match!

Note: if you can only receive the pass phrases, and can't change the architecture of how you are managing passwords, you could do the same sort of thing by sha1 hashing in objective-c and comparing against the password.

Community
  • 1
  • 1
AdamG
  • 3,718
  • 2
  • 18
  • 28
  • Sorry, I din't get that. I get this string "jp9VG27FQYXh+Uvkc9meFw==" from the server. Now how to decode this string? – Ganesh Nayak Sep 03 '13 at 14:23
  • You cannot decode it. Hashing is "one directional", meaning you can hash to a string, but not decode it. The work around for this is (as conventional) a user enters a password and you would to compare it, hash what the user enters (using the same hashing algorithm, sha1 in this case) and compare it. IE something like passStringFromServer == sha1(userEnteredPassString). – AdamG Sep 03 '13 at 21:11