I have read the header of CommonCryptor.h, and only I can find kCCAlgorithmAES128
But there are a few answer in SO stating it can, e.g.
AES Encryption for an NSString on the iPhone
Anyone can answer?
Asked
Active
Viewed 2.1k times
8
-
Is there a specific reason why you want to use AES256? It's lower, and offers little benefit over AES128. – CodesInChaos Mar 08 '12 at 11:53
-
note that there is now a constant called `kCCAlgorithmAES` which has the same value as `kCCAlgorithmAES128` – user102008 Sep 13 '14 at 05:01
3 Answers
16
You can always use OpenSSL on iPhone, and that does support AES 256.
That being said, kCCAlgorithmAES128 means a block length of 128, not key length. According to this example code (found in this answer) you simply need to use kCCKeySizeAES256 for the keyLength parameter to get support for 256 bit keys.
-
I am using exactly the example code you linked, but I was not able to get the same encrypted value using openssl, e.g. assume text is "apple", and key is 0, e.g. openssl aes-256-cbc -e -a -K 0 -iv 0 -p -in apple.txt, do you have any idea? – Howard Mar 08 '12 at 12:06
-
@Howard -- There are many reasons why you might not get the same value. Some are differences in setup and others outright bugs. – Hot Licks Mar 08 '12 at 12:24
-
The reason that I've seen most often why these value is whitespace, especially missing/additional newlines. Make absolutely sure that the keys and IVs/salts are 100% identical. Double check that. In this case, what do you mean with the key "0"? The number or the string? I'd guess that the shell will use the string while you're using the number in code. – DarkDust Mar 08 '12 at 13:09
-
@ingaham: The name of the variable is misleading, its type is actually `char[33]` (not a pointer) and thus `sizeof(keyPtr)` is 33. But you're right, the return value of `getCString:maxLength:encoding:` should be checked (it is, however, not always false as you claim). – DarkDust Jan 22 '15 at 10:17
4
Recently I discovered a category of NSData (also NSString) which implements AES en-/decryption. Maybe this is helpful to crypt any kind of data:
Adding methods to NSData and NSString using categories to provide AES256 encryption on iOS
But it seems to have an implementation issue, which makes it incompatible with openSSL.
--
Another useful like might be Properly encrypting with AES with CommonCrypto. To support 256 bit keys just change the kCCKeySizeAES128 to 256.
--
Last but not least this tread looks promising: Decode OpenSSL AES256 string in iOS
-
the nearest answer I found is: http://stackoverflow.com/questions/3178606/encrypt-with-openssl-and-decrypt-on-iphone-with-aes-128-ecb-mode, it is funny that no one is able to get aes256 on objective c working exactly like the openssl, security is a hard issue anyway.. – Howard Mar 08 '12 at 16:09
2
If you goto http://www.opensource.apple.com/source/CommonCrypto/CommonCrypto-36064/CommonCrypto/CommonCryptor.h and search AES256 on the page you will find the key size as 256 ,192,128 so yes it does support AES256 encryption.
Ankit Srivastava
- 12,347
- 11
- 63
- 115