Object-C AES 128 is not encrypted

Question

I encrypt the text "a" using AES 128

I find the source throw the internet below.

I try to change key but always reuslt is same.

Always result is 8e4a3d4beb92d54c7e95f67d41daed59

NSString *key = @"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa";
//  NSString *key = @"00000000000000000000000000000000";
plainText = @"a";

cipherData = [ [ plainText dataUsingEncoding:NSASCIIStringEncoding] AES128EncryptWithKey:key];

NSString * str = [self hexEncode : cipherData ];
NSLog( @"str = %@", str );

- (NSData*) iAESEncrypt:(NSString *)key keySize:(int)keySize {
    if(key == nil)
        return nil;

    char keyPtr[keySize+1];
    bzero( keyPtr, sizeof(keyPtr) );

    [key getCString: keyPtr maxLength: sizeof(keyPtr) encoding:NSUTF8StringEncoding];
    size_t numBytesEncrypted = 0x00;

    NSUInteger dataLength = [self length];
    size_t     bufferSize = dataLength + kCCBlockSizeAES128;
    void      *buffer     = malloc(bufferSize);

    CCCryptorStatus result = CCCrypt( kCCEncrypt,
                                     kCCAlgorithmAES128,
                                     kCCOptionECBMode | kCCOptionPKCS7Padding,
                                     keyPtr,
                                     keySize,
                                     NULL /*iv*/,
                                     [self bytes], [self length],
                                     buffer, bufferSize,
                                     &numBytesEncrypted );

    if( result == kCCSuccess )
        return [NSData dataWithBytesNoCopy:buffer length:numBytesEncrypted];
    else
        NSLog(@"iAESEncrypt FAIL!");

    free(buffer);
    return nil;
}

-(NSString *) hexEncode:(NSData*)data
    {
        NSMutableString *hex = [NSMutableString string];
        unsigned char *bytes = (unsigned char *)[data bytes];
        char temp[3];
        NSUInteger i = 0;

        for (i = 0; i < [data length]; i++)
        {
            temp[0] = temp[1] = temp[2] = 0;
            (void)sprintf(temp, "%02x", bytes[i]);
            [hex appendString:[NSString stringWithUTF8String:temp]];
        }
        return hex; 
    }



- (NSData*)AES128EncryptWithKey:(NSString*)key 
{

    return [self iAESEncrypt:key keySize:kCCKeySizeAES128];
}

score 0 · Answer 1 · edited May 23 '17 at 10:25

Your key variable has 32 length which is probably a Hex data. So first, you must convert it to NSData with length of kCCKeySizeAES128 (16 bytes).

You can use your hex decoder code or thank to hex conversion code here https://stackoverflow.com/a/7318062/296651 :

....
key = [key stringByReplacingOccurrencesOfString:@" " withString:@""];
NSMutableData *commandToSend= [[NSMutableData alloc] init];
unsigned char whole_byte;
char byte_chars[3] = {'\0','\0','\0'};
int i;
for (i=0; i < [key length]/2; i++) {
    byte_chars[0] = [key characterAtIndex:i*2];
    byte_chars[1] = [key characterAtIndex:i*2+1];
    whole_byte = strtol(byte_chars, NULL, 16);
    [commandToSend appendBytes:&whole_byte length:1];
}


size_t numBytesEncrypted = 0x00;

NSUInteger dataLength = [self length];
size_t     bufferSize = dataLength + kCCBlockSizeAES128;
void      *buffer     = malloc(bufferSize);
memset(buffer, 0, bufferSize);

CCCryptorStatus result = CCCrypt( kCCEncrypt,
                                 kCCAlgorithmAES128,
                                 kCCOptionECBMode | kCCOptionPKCS7Padding,
                                 [commandToSend bytes],
                                 keySize,
                                 NULL /*iv*/,
                                 [self bytes], [self length],
                                 buffer, bufferSize,
                                 &numBytesEncrypted );
....

score 0 · Answer 2 · edited May 23 '17 at 11:50

0

You're always encrypt with an empty string.

[key getCString: keyPtr maxLength: sizeof(keyPtr) encoding:NSUTF8StringEncoding];

The sizeof(keyPtr) is always 4... Use

[key getCString: keyPtr maxLength: keySize encoding:NSUTF8StringEncoding];

And getCString: is returning a BOOL result.. In your case it is always false, but the code posted does not check it.

There are several AES implementation, which are right. And may I recommend to use AES256 instead of 128. It is much more secure.

edited May 23 '17 at 11:50

Community

1
1

answered Jan 12 '15 at 15:27

Balazs Nemeth

2,333
19
29

1

AES-128 is pretty secure as well. Often the best thing to provide more security is to make sure that the integrity and authenticity is validated by adding an authentication tag (e.g. by using HMAC over IV & ciphertext). – Maarten Bodewes Jan 12 '15 at 18:51
No, `sizeof(keyPtr)` is _not_ always 4! Please try it. The type is a char array, not pointer. Thus `sizeof(keyPtr)` is really `keySize+1`. But the return value should be checked, you're right about that. – DarkDust Jan 22 '15 at 10:24
Also, the `kCCAlgorithmAES128` is about the _block_ size, not the _key_ size. The name of the constant is misleading, IMHO. It's because the Rijndael algorithm is able to use different block lengths but for AES, only 16-byte blocks were standardized. So to get what is commonly called "AES256" you just need to provide a key of the appropriate size (`kCCKeySizeAES256`). – DarkDust Jan 22 '15 at 10:29

Object-C AES 128 is not encrypted

2 Answers2