0

i have this method for decoding:

-(NSString *)decrypt:(NSString *)encryptedTextValue withSecret:(NSString*)secret
{
    NSData *encryptedData = [NSData base64DataFromString:encryptedTextValue];
    NSData *decryptedData = [encryptedData decryptedAES256DataUsingKey:[[secret dataUsingEncoding:NSUTF8StringEncoding] SHA256Hash] error:nil];
    NSString *plainText =  [[NSString alloc] initWithData:decryptedData encoding:NSUTF8StringEncoding];
    return plainText;
}

and decryptedAES256DataUsingKey method, are this :

- (NSData *) AES256EncryptedDataUsingKey: (id) key error: (NSError **) error
{
    CCCryptorStatus status = kCCSuccess;
    NSData * result = [self dataEncryptedUsingAlgorithm: kCCAlgorithmAES128
                                                  key: key
                                              options: kCCOptionPKCS7Padding
                                                error: &status];

    if ( result != nil )
        return ( result );

    if ( error != NULL )
        *error = [NSError errorWithCCCryptorStatus: status];

    return ( nil );
}

And i also have hashe, which is:

wnXGfwFQr4463RLAczVJGw==

Can someone tell me how can i decode this to original string? I have secret key also, but i dont understand how do i should ecnode it, to decode the hash.

David
  • 857
  • 1
  • 11
  • 25
  • Do you have `secret`? What is `hashe`, not it's value what is it used for? – zaph Nov 20 '17 at 19:56
  • @zaph Yes, i have secret. This method is from framework, called Securely, it was coding some info on app, which was coded with Appcelerator, right now i converting app to native language(Swift), and need to decode previous Keychain key;value pairs. – David Nov 20 '17 at 20:02
  • See [this answer](https://stackoverflow.com/a/37681510/451475) for example Swift code that uses Common Crypto, it help with your conversion. – zaph Nov 20 '17 at 20:18
  • @zaph do you know, in which way should i pass secret, into that function ? if i just use string, then i get error >> Error aesCBCEncrypt: KeyError("Invalid key length", 18) It looks like in the method that i posted, it tooks SHA256 hash of key, or something, – David Nov 20 '17 at 20:57

1 Answers1

1

See this example of Swift AES encryption that uses Common Crypto, it help will with your conversion.

func testCrypt(data:Data, keyData:Data, ivData:Data, operation:Int) -> Data {
    let cryptLength  = size_t(data.count + kCCBlockSizeAES128)
    var cryptData = Data(count:cryptLength)
    let keyLength = size_t(kCCKeySizeAES128)
    let options   = CCOptions(kCCOptionPKCS7Padding)
    var numBytesEncrypted :size_t = 0

    let cryptStatus = cryptData.withUnsafeMutableBytes {cryptBytes in
        data.withUnsafeBytes {dataBytes in
            ivData.withUnsafeBytes {ivBytes in
                keyData.withUnsafeBytes {keyBytes in
                    CCCrypt(CCOperation(operation),
                              CCAlgorithm(kCCAlgorithmAES),
                              options,
                              keyBytes, keyLength,
                              ivBytes,
                              dataBytes, data.count,
                              cryptBytes, cryptLength,
                              &numBytesEncrypted)
                }
            }
        }
    }

    if UInt32(cryptStatus) == UInt32(kCCSuccess) {
        cryptData.removeSubrange(numBytesEncrypted..<cryptData.count)

    } else {
        print("Error: \(cryptStatus)")
    }

    return cryptData;
}

You can use a hash and pick the bytes based on the key size you want. But for security use PBKDF2 (Password Based Key Derivation 2) with an iteration count such that it takes ~100ms. Here is a Swift Implementation.

Another option is just to use RNCryptor which includes PBKDDF2, authentication and versioning.

zaph
  • 111,848
  • 21
  • 189
  • 228