1

I'm a real noob to encryption. After breaking my head over this for a couple of days i've decided to search for help on StackOverflow.

Currently I'm developing mobile applications for iOS, Android and Windows Phone. In the application i need to request data from a server with an encrypted url. Because the application has to be for iOS, Android and Windows Phone i need to use an encryption that works on each platform. I've decided to use AES encryption with a key and an iv.

I've gotten the AES encryption to work for Windows Phone, but am really stuck on iOS. I've searched the web for a good example but haven't found anything that explained the whole proces. Could anyone help me by giving me an example (with explanation) or a good URL?

Would really appreciate the help!

Edit:

I know I want to generate an AES key based on a key and an iv. With the aes key i want to encrypt my password. The exact question is how i would do that in code.

Aidan
  • 118
  • 1
  • 11
  • did you have a look at http://www.opensource.apple.com/source/CommonCrypto/CommonCrypto-36064/CommonCrypto/ ? – João Portela Jan 02 '12 at 11:11
  • I dit, but i can't seem to get my head around it. I'm looking for an actual working example. – Aidan Jan 02 '12 at 11:19
  • I am currently using chilkat library for encryption/decryption, as such I have no example code for you, but a quick google search gave me this: http://stackoverflow.com/questions/2039940/any-cocoa-source-code-for-aes-encryption-decryption maybe you haven't found it yet. Let's hope someone else will provide you with more useful information. – João Portela Jan 02 '12 at 11:26
  • I've seen that page to. I've got an idea of how the encryption is supposed to work, but i cant figure out how exactly. I know i want to generate an AES key based on a key and an iv. With the aes key i want to encrypt my password. – Aidan Jan 02 '12 at 14:58
  • 1
    I don't follow... what do you mean by "I want to generate an AES key based on a key and an iv?" – João Portela Jan 02 '12 at 15:19
  • 1
    Just so we are clear: AES (assuming CBC mode of operation) needs a KEY and IV, the KEY is _usually_ derived from a password+salt (using something like [PBKDF2](http://en.wikipedia.org/wiki/PBKDF2)) the IV is random and unique for each "file" you encrypt. Depending on your specific problem you may not even need a password and use the KEY directly. Anyway, [a link to a blog post](http://robnapier.net/blog/aes-commoncrypto-564) in the comments of the post I linked previously seems to be enough to get you on the right track. – João Portela Jan 02 '12 at 15:24

2 Answers2

1

I have used openssl for encryption between devices and platforms. There is quite of bit of documentation available and I'm pretty sure it will work for what you need.

There are also several wrappers available on github too to make encrypt/decrypting a bit easier.

OpenSSL

Bill Burgess
  • 14,054
  • 6
  • 49
  • 86
  • OpenSSL is not available on Android by default, and would require the user breaking out of the sandbox. Are you suggesting to use OpenSSL only for iOS? Wouldn't it be more natural to use the devices own encryption roiutines instead? If you would use openssl, you could not use the default key storage options for these devices either. I'm certain that I would not take this route myself... – Maarten Bodewes Jan 02 '12 at 22:10
  • @owlstead what would you recommend then? – Aidan Jan 03 '12 at 11:45
  • I would keep to the encryption API's of the devices. Android has the Java security API's (though officially not Java) backed up by Bouncy Castle. Don't know about Windows phone, but it seems iOS has something similar. AES functionality is certainly included, and because of the different nature of the platforms, there is little value in porting the apps 1:1 anyway. – Maarten Bodewes Jan 03 '12 at 13:43
  • Have a look at this [link](http://robnapier.net/blog/aes-commoncrypto-564). I used this solution and it worked out. – Aidan Mar 07 '13 at 09:34
0

I've ended up using AES. This Encryption type is available for Android, iOS and Windows Phone. For iOS and Android there are plugins available on internet to make the work easier for you. Just search for {platformname} AES and you should get enough websites.

Aidan
  • 118
  • 1
  • 11
  • 1
    Hi could you please provide details of how you did AES in iPhone. We are also facing the same issue as you mentioned, but unable to find the proper solution for iPhone – Raghuveer Aug 24 '12 at 13:42
  • Have a look at this [link](http://robnapier.net/blog/aes-commoncrypto-564). I used this solution and it worked out. – Aidan Mar 07 '13 at 09:33
  • Thanks, we have found the solution already.. Thank you for sharing – Raghuveer Mar 08 '13 at 08:09