Swift - AES base64 + md5 decryption

Question

I'm trying to decrypt a message sent from our server.

Both our server and my Android client side uses the encryption code from here:
https://gist.github.com/jafetsanchez/1080133

The server uses the CS code to encrypt the message
My android client uses the java code to decrypt the message

I want to add the decryption feature to my iPhone client app with Swift. However I'm not sure how to do it with iOS tools.

I'm using CryptoSwift

Here's what I tried to do:

    let iVector: [UInt8] = [
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
    ]
    
   let encryptedMessage = "encrypted_message_encrypted_message_encrypted_message_encrypted_message_"
    
    let password = "passwordpassword"

    
    do {
        let aes = try AES(key: password, iv: String(bytes: iVector, encoding: .utf8)!, padding: .pkcs7) // aes128
        let decryptedText = try aes.decrypt(encryptedMessage.bytes)
        let data = Data(bytes: decryptedText, count: decryptedText.count)

        if let string = String(data: data, encoding: .utf8) {
            
            print(string)
        } else {
            
            print("not a valid UTF-8 sequence")
        }
    } catch { }

Right now i'm getting error: CryptoSwift.AES.Error.dataPaddingRequired

In addition, I'm not sure how to combine the MD5 hashing there.

Swift AES [Encryption](https://stackoverflow.com/questions/60747842/i-have-a-problem-with-aes-encryption-the-key-i-have-is-based-64-string-the-dat/60752764#60752764), Kotlin AES [Encryption](https://stackoverflow.com/questions/49340005/encrypt-decrypt-string-kotlin/60753383?noredirect=1#comment109670483_60753383) — Kasım Özdemir, Jun 29 '20 at 06:03
@KasımÖzdemir What is salt? In addition, I don't see any md5 reference there — dor506, Jun 29 '20 at 14:37
Salt is used so that the same password does not always generate the same key. Another layer of security is added. MD5 algorithm works in one way. Encryption is done, but decryption cannot be done. There is only the possibility of being resolved using Brute Force attack, but since Brute Force attacks use trial and error, it will take a long time to decrypt the password. — Kasım Özdemir, Jun 29 '20 at 16:31
@KasımÖzdemir But in the example I posted (link) they do not use salt. They only use key(password) and IV. How do I adapt It to the swift code? Thanks! — dor506, Jun 29 '20 at 17:50

score 0 · Answer 1 · answered Jun 29 '20 at 05:57

Try This..

static func encryptMessage(message: String, encryptionKey: String, iv: String) -> String? {
   if let aes = try? AES(key: encryptionKey, iv: iv),
      let encrypted = try? aes.encrypt(Array<UInt8>(message.utf8)) {
      return encrypted.toHexString()
   }
   return nil
}
static func decryptMessage(encryptedMessage: String, encryptionKey: String, iv: String) -> String? {
   if let aes = try? AES(key: encryptionKey, iv: iv),
      let decrypted = try? aes.decrypt(Array<UInt8>(hex: encryptedMessage)) {
      return String(data: Data(decrypted), encoding: .utf8)
   }
   return nil
}

score 0 · Answer 2 · answered Sep 01 '20 at 17:03

You need to go with something along the lines:

let password = "passwordpassword".bytes.md5()
let aes = try AES(key: password, blockMode: CBC(iv: iVector), padding: .pkcs7)

When dealing with data, it's good to carefully follow the format of the data, whether it's a String, or bytes, or Base64.

score 0 · Answer 3 · answered Apr 22 '22 at 12:15

0

let base64String = Data(cipher).base64EncodedString(); //Encode (cipher data from CryptoSwift)

let text = base64String.decryptBase64ToString(cipher: aes); //Decode Base64 also decrypt data

answered Apr 22 '22 at 12:15

a442509097

69
3

Swift - AES base64 + md5 decryption

3 Answers3